An Approach to Reduce Side-Channel Timing Attack in Dragonfly Handshake of WPA3 for MODP Group

Wireless security has become a great concern in the era of 4th Industrial Revolution due to the expansion
of wireless network and increased number of wireless devices. Blocking unauthorized users to a wireless
network is a significant part of wireless security. The newly Wi-Fi Protected Access 3 (WPA3) announced
as the successor of WPA2 by Wi-Fi Alliance, used to prevent unauthorized access in a wireless network.
Dragonfly handshake is used by WPA3 for mutual authentication between a client and an access point.
While systematically evaluating Dragonfly’s security, a serious flaw namely ‘Side Channel Timing Leak’
in password conversion method, evidently released information about the password came across.
Dragonfly supports both ‘Modulo the Prime (MODP)’ and ‘Elliptic Curve Cryptography (ECC)’ as
password conversion method. In this paper, MODP group taken into consideration to generate Password
Element (PE). Execution time differences are measurable during PE formation which results in certain
plausibility to guess the password with the assistance of spoofed client mac addresses has been
demonstrated. How leaked information creates signature of the password testified and to make it
computationally intractable for an attacker to manipulate the flaw, three actions: Fixing iterations number,
single password based PE database generation and fetching a PE of random choice from the database have
been proposed. Finally, the complication for an attacker to hack the password is illustrated.