Skip to main content
main-content
Top

Hint

Swipe to navigate through the chapters of this book

2021 | OriginalPaper | Chapter

Active Dictionary Attack on WPA3-SAE

Authors : Manthan Patel, P.P Amritha, R. Sam jasper

Published in: Advances in Computing and Network Communications

Publisher: Springer Singapore

share
SHARE

Abstract

In wireless network, we have different protocols like WEP, WPA, and WPA2. WPA3 is currently used standard protocol in WIFI to authenticate the client with access point. In the WPA3, Simultaneous Authentication of Equals protocol downgrade attack is already discovered. With the downgrade attack, we are able to do offline dictionary attack on WPA3-SAE protocol. WPA3-SAE is also known as WPA3-Personal. Dictionary attack is classified into active dictionary attack and passive dictionary attack. Passive dictionary attack is also known as offline dictionary attack. In this paper, we proposed active attack model in which software will try different password from given dictionary word list until it connect with the Access Point. In this model, computer will change their MAC address continuously so that access point won’t detect as an attack. To speed up the process, we can use multiple virtual machines that will work as a separate wireless client to the access point.
Literature
1.
go back to reference M. Vanhoef, E. Ronen, Dragonblood: analyzing the dragonfly handshake of WPA3 and EAP-pwd, in Proceedings of the 2020 IEEE Symposium on Security and Privacy (S&P 2020) (IEEE, 2020) M. Vanhoef, E. Ronen, Dragonblood: analyzing the dragonfly handshake of WPA3 and EAP-pwd, in Proceedings of the 2020 IEEE Symposium on Security and Privacy (S&P 2020) (IEEE, 2020)
2.
go back to reference O. Nakhila, A. Attiah, Y. Jin, C. Zou, Parallel active dictionary attack on WPA2-PSK Wi-Fi networks, in 2015 IEEE Military Communications Conference (MILCOM 2015) (IEEE, 2015), pp. 665–670 O. Nakhila, A. Attiah, Y. Jin, C. Zou, Parallel active dictionary attack on WPA2-PSK Wi-Fi networks, in 2015 IEEE Military Communications Conference (MILCOM 2015) (IEEE, 2015), pp. 665–670
3.
go back to reference C.P. Kohlios, T. Hayajneh, A comprehensive attack flow model and security analysis for Wi-Fi and WPA3. Electronics 7(11), 284 (2018) CrossRef C.P. Kohlios, T. Hayajneh, A comprehensive attack flow model and security analysis for Wi-Fi and WPA3. Electronics 7(11), 284 (2018) CrossRef
5.
go back to reference D. Fehér, B. Sandor, Effects of the WPA2 krack attack in real environment, in 2018 IEEE 16th International Symposium on Intelligent Systems and Informatics (SISY) (IEEE, 2018) D. Fehér, B. Sandor, Effects of the WPA2 krack attack in real environment, in 2018 IEEE 16th International Symposium on Intelligent Systems and Informatics (SISY) (IEEE, 2018)
6.
go back to reference M.A. Abo-Soliman, M.A. Azer, A study in WPA2 enterprise recent attacks, in 2017 13th International Computer Engineering Conference (ICENCO) (IEEE, 2017) M.A. Abo-Soliman, M.A. Azer, A study in WPA2 enterprise recent attacks, in 2017 13th International Computer Engineering Conference (ICENCO) (IEEE, 2017)
7.
go back to reference T. Radivilova, H.A. Hassan, Test for penetration in Wi-Fi network: attacks on WPA2-PSK and WPA2-enterprise, in 2017 International Conference on Information and Telecommunication Technologies and Radio Electronics (UkrMiCo) (IEEE, 2017) T. Radivilova, H.A. Hassan, Test for penetration in Wi-Fi network: attacks on WPA2-PSK and WPA2-enterprise, in 2017 International Conference on Information and Telecommunication Technologies and Radio Electronics (UkrMiCo) (IEEE, 2017)
8.
go back to reference C.-M. Chen, T.-H. Chang, The cryptanalysis of WPA & WPA2 in the rule-based brute force attack, an Advanced and efficient method, in 2015 10th Asia Joint Conference on Information Security (IEEE, 2015) C.-M. Chen, T.-H. Chang, The cryptanalysis of WPA & WPA2 in the rule-based brute force attack, an Advanced and efficient method, in 2015 10th Asia Joint Conference on Information Security (IEEE, 2015)
10.
go back to reference A.K. Mohan, M. Sethumadhavan, Wireless security auditing: attack vectors and mitigation strategies. Procedia Comput. Sci. 115, 674–682 (2017) A.K. Mohan, M. Sethumadhavan, Wireless security auditing: attack vectors and mitigation strategies. Procedia Comput. Sci. 115, 674–682 (2017)
11.
go back to reference A.A. Kumar, A.K. Mohan, P.P. Amritha, Deceiving attackers in wireless local area networks using decoys. J. Cyber Secur. Mob. 7(1), 201–214 (2018) A.A. Kumar, A.K. Mohan, P.P. Amritha, Deceiving attackers in wireless local area networks using decoys. J. Cyber Secur. Mob. 7(1), 201–214 (2018)
12.
go back to reference A. Raghuprasad, S. Padmanabhan, M. Arjun Babu, P.K. Binu, Security analysis and prevention of attacks on IoT devices, in 2020 International Conference on Communication and Signal Processing (ICCSP) (IEEE, 2020), pp. 0876–0880 A. Raghuprasad, S. Padmanabhan, M. Arjun Babu, P.K. Binu, Security analysis and prevention of attacks on IoT devices, in 2020 International Conference on Communication and Signal Processing (ICCSP) (IEEE, 2020), pp. 0876–0880
13.
go back to reference C. Sudar, S.K. Arjun, L.R. Deepthi, Time-based one-time password for Wi-Fi authentication and security, in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (IEEE, 2017), pp. 1212–1216 C. Sudar, S.K. Arjun, L.R. Deepthi, Time-based one-time password for Wi-Fi authentication and security, in 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI) (IEEE, 2017), pp. 1212–1216
Metadata
Title
Active Dictionary Attack on WPA3-SAE
Authors
Manthan Patel
P.P Amritha
R. Sam jasper
Copyright Year
2021
Publisher
Springer Singapore
DOI
https://doi.org/10.1007/978-981-33-6977-1_46