Masu bincike biyu (Mathy Vanhoef da Eyal Ronen) sun bayyana akan sabuwar hanyar kai hari wanda an riga an tsara shi a cikin CVE-2019-13377 wanda wannan gazawar yana shafar hanyoyin sadarwar mara waya ta amfani da fasahar tsaro ta WPA3 ba ka damar samun bayanai game da halaye na kalmar sirri da za a iya amfani da su don zaɓar ta a cikin yanayin wajen layi Matsalar ta bayyana a cikin yanayin kamfanin Hostapd na yanzu.
Waɗannan masu binciken iri ɗaya suma sun gano rashin lahani shida a cikin WPA3 monthsan watanni da suka gabata, musamman dangane da tsarin tabbatar da SAE, wanda aka fi sani da Dragonfly. Waɗannan hare-haren suna kama da hare-haren ƙamus kuma suna ba wa abokin hamayya damar dawo da kalmar sirri ta hanyar cin mutuncin gefen ko kwararar tashar ruwa.
Har ila yau, sun aiwatar da adadi mai yawa akan hanyoyi daban-daban waɗanda suka ƙunshi yarjejeniyar WPA3, kamar ƙamus na kamus akan WPA3 yayin aiki a cikin yanayin sauyawa, kai hari kan microarchitecture gefen ɓoye a kan SAE Handshake kuma sun yi amfani da damar don nuna yadda za a iya amfani da lokacin da aka samu da kuma bayanan ɓoye don aiwatar da "harin ɓarnatarwar kalmar wucewa" ba layi .
Wannan yana bawa maharin damar dawo da kalmar sirri da wanda abin ya shafa yayi amfani da ita.
Duk da haka, binciken ya nuna cewa amfani da Brainpool yana haifar da bayyanar sabon aji na kwararar bayanai akan tashoshin ɓangare na uku a cikin haɗin Dragonfly wanda ya dace da algorithm wanda aka yi amfani da shi a cikin WPA3, wanda ke ba da kariya daga yin zato da kalmar wucewa a cikin yanayin layi.
Matsalar da aka gano tana nuna hakan ƙirƙirar aiwatar da Dragonfly da WPA3, cirewa daga kwararar bayanai ta hanyar tashoshi na ɓangare na uku, aiki ne mai wahalar gaske kuma hakan kuma yana nuna rashin daidaiton tsarin ci gaba na kofofin ci gaba ba tare da gudanar da tattaunawar jama'a ba game da hanyoyin da aka gabatar da kuma tantancewar al'umma.
Lokacin da ake amfani da ECC Brainpool yayin shigar da kalmar wucewa, Dragonfly algorithm yana aiwatar da maganganu na farko tare da kalmar wucewa ta hanzarta lissafin ɗan gajeren zani kafin amfani da lanƙirin elliptic. Har sai an sami gajeriyar zanta, ayyukan da ake yi suna dogaro ne kai tsaye kan adireshin MAC da kalmar sirri ta abokin ciniki.
Game da sababbin rauni
A lokacin tafiyar aiki ana danganta shi da adadin yawan maimaitawa da jinkiri tsakanin aiki yayin fadakarwar farko za a iya auna kuma amfani da shi don ƙayyade halaye na kalmar sirri, wanda za'a iya amfani dashi ta hanyar layi don fayyace madaidaicin zaɓi na sassan kalmar sirri yayin zaɓin su.
Don aiwatar da hari, dole ne ku sami dama ga tsarin mai amfani wanda ke haɗi da cibiyar sadarwa mara waya.
Har ila yau, masu binciken sun gano rauni na biyu (CVE-2019-13456) wanda ke da alaƙa da kwararar bayanai a aiwatar da yarjejeniyar EAP-pwd ta amfani da Dragonfly algorithm.
Matsalar takamaiman uwar garken FreeRADIUS RADIUS ne kuma dangane da kwararar bayanai ta hanyoyin mutum na uku, da kuma raunin farko, zai iya sauƙaƙa zaɓi na kalmar sirri sosai.
A haɗe tare da ingantacciyar hanyar gano ƙararrawa yayin aunawar jinkiri, don ƙayyade adadin maimaitawa, ya isa aiwatar da awo 75 na adireshin MAC ɗaya.
Hare-haren da ake samu suna da inganci kuma ba su da tsada. Misali, ana iya amfani da hare-haren lalacewa ta amfani da kayan aikin fasa WPA2 da kayan aiki. Ana iya cin zarafin tashar tashar gefe, alal misali, don aiwatar da mummunan harin ƙarfi ta amfani da manyan ƙamus ɗin da aka fi sani da ƙarancin $ 1 a kan abubuwan Amazon EC2.
Hanyoyi don inganta yarjejeniya don toshe batutuwan da aka gano an riga an haɗa su cikin ƙirar sigogin ƙa'idodin Wi-Fi na gaba (WPA 3.1) da EAP-pwd.
Abin farin ciki, sakamakon bincike, ana inganta daidaitaccen Wi-Fi da EAP-pwd tare da ingantacciyar yarjejeniya. Kodayake wannan sabuntawa baya-dacewa da aiwatarwar WPA3 na yanzu, yana hana yawancin hare-harenmu.
Source: https://wpa3.mathyvanhoef.com