
Dragonshield : An Authentication Enhancement for Mitigating Side-Channel Attacks and High Computation Overhead in WPA3-SAE Handshake Protocol

Hansdah, RC and Jamwal, J and Gudivada, RB (2022) Dragonshield : An Authentication Enhancement for Mitigating Side-Channel Attacks and High Computation Overhead in WPA3-SAE Handshake Protocol. In: 23rd International Conference on Distributed Computing and Networking, 4-7 Jan 2022, Virtual, Online, pp. 188-197.

Official URL: https://doi.org/10.1145/3491003.3491021


The wireless protocol WPA2 (Wi-Fi protected access version 2) personal, introduced in 2004, uses a passphrase, which in many cases is of low entropy, to authenticate clients and access points with each other. But the way the encryption keys derived from the passphrase are used makes it susceptible to offline dictionary attack using the captured handshake messages. This weakness has been handled in the protocol WPA3-personal, introduced in 2018, using a more secure protocol known as WPA3-SAE handshake, which essentially consists of Dragonfly handshake followed by WPA2 4-way handshake. However, in 2019, researchers pointed out that, for a specific pair of client and access point, the Dragonfly handshake uses a fixed number of iterations to find a generator of a prime order cyclic group from the passphrase. This information leads to timing leaks which can be used by an adversary to launch offline dictionary partitioning attack. To prevent this timing based offline dictionary attack, a constant number of iterations (which is fairly large) is used to get a generator of a prime order cyclic group using actual and dummy iterations for any pair of client and access point, but this may lead to cache based timing leaks. Besides, a large number of iterations results in high computation overhead which may lead to Denial of Service attacks. In this paper, we propose a Block Encryption based Password Authenticated Diffie-Hellman Key Establishment (BEPAKE) protocol to derive a high entropy shared secret between a client and an access point using the standard generator for the cyclic group under consideration. The BEPAKE protocol is then prepended to WPA3-SAE handshake protocol to design three modified WPA3-SAE handshake protocols, viz. BEPAKE-WPA3-M1, BEPAKE-WPA3-M2 and BEPAKE-WPA3-M3. The shared secret derived in the BEPAKE protocol is used to ensure that the adversary cannot launch any kind of timing based offline dictionary attack even if timing information to derive a generator of a group with correct passphrase is available to it. We give a detailed security analysis of the proposed protocols, and a comparison of their performance with that of WPA3-SAE handshake protocol using an experimental testbed. © 2022 ACM.

Item Type: Conference Paper
Publication: ACM International Conference Proceeding Series
Publisher: Association for Computing Machinery
Additional Information: The copyright for this article belongs to Association for Computing Machinery
Keywords: Authentication; Denial-of-service attack; Entropy; Network security; Side channel attack; Wi-Fi; Wireless local area networks (WLAN), Dictionary attack; Diffie Hellman; Dragonfly handshake; Finite field cryptography; Finite fields; Handshake protocol; Hunting and pecking; Passphrases; Side-channel attacks; WPA3-SAE handshake, Public key cryptography
Department/Centre: Division of Electrical Sciences > Electrical Communication Engineering
Date Deposited: 21 Feb 2022 12:04
Last Modified: 21 Feb 2022 12:04
URI: http://eprints.iisc.ac.in/id/eprint/71403
