Presented at
Black Hat Europe 2019,
Dec. 5, 2019, 3:25 p.m.
(50 minutes).
Wireless networks and their security protocols keep evolving due to increased performance and reliability demands. For instance, recently the Wi-Fi Alliance released WPA3, which offers better security guarantees (e.g., longer keys). In light of this, one would assume that legacy protocols such as WPA-TKIP are no longer widely used in modern Wi-Fi networks. Unfortunately, our wardriving efforts revealed that 44.81% of encrypted Wi-Fi networks still support and use WPA-TKIP. These wardrives spanned cities in the United States, Germany, and Belgium, and high usage of WPA-TKIP was observed in all of them. Motivated by this, we systematically analyzed the security of WPA-TKIP implementations.
Presenters:
-
Domien Schepers
- PhD Student, Northeastern University
Domien Schepers is a PhD Student in Cybersecurity at Northeastern University. He focuses on networks and cybersecurity, specifically wireless security. Before beginning his PhD, he worked for the Centre for Cybersecurity Belgium as a cybersecurity analyst in the federal Cyber Emergency Response Team.
-
Mathy Vanhoef
- Postdoctoral Researcher, New York University Abu Dhabi
Mathy Vanhoef is a postdoctoral researcher at New York University Abu Dhabi. He is most well known for his KRACK attack against WPA2, and the RC4 NOMORE attack against RC4. His research interest is in computer security with a focus on network security, wireless security (e.g. Wi-Fi), network protocols, and applied cryptography. Currently, his research is about analyzing security protocols automatically discovering (logical) vulnerabilities in their implementations. He also wants to learn more about how to (automatically) prove the correctness of protocol implementations. Apart from research, he's interested in low-level security, reverse engineering, and binary exploitation.
Links:
Similar Presentations: