- This event has passed.
January 13 1:30 pm - 2:30 pm EST
Mathy Vanhoef, Postdoctoral Researcher in Computer Security at NYU Abu Dhabi
In this talk, we show that the Dragonfly handshake of WPA3 and EAP-pwd is affected by several design and implementations flaws. Most prominently, we present side-channel leaks that allow an adversary to perform brute-force attacks on the password. Additionally, we present invalid curve attacks against all EAP-pwd and one WPA3 implementation. These implementation-specific attacks enable an adversary to bypass authentication. Finally, we briefly discuss countermeasures that have been incorporated into the Wi-Fi standard.
About the Speaker
Mathy Vanhoef is a postdoctoral researcher at New York University Abu Dhabi. He is most well-known for his KRACK attack against WPA2 and the RC4 NOMORE attack against RC4. His research interest lies in computer security with a focus on network security, wireless security (e.g. Wi-Fi), network protocols, and applied cryptography. Currently, his research is about analyzing security protocols to automatically discover (logical) implementation vulnerabilities.