An Approach to Reduce Side-Channel Timing Attack in Dragonfly Handshake of WPA3 for MODP Group

Due to the expansion of wireless networks and devices, security in this area has become a great concern; especially blocking unauthorized users is a major security challenge. While systematically evaluating Dragonfly Handshake of the newly announced Wi-Fi Protected Access 3 (WPA3), found a severe vulnerability called ‘Side-Channel Timing Leak’ in the password encoding method for ‘Modulo the Prime (MODP)’ to generate password element (PE), evidently release information about the password in all implementations. Making the manipulation of the flaw computationally intractable for an attacker, three actions: Fixing iterations number, single password-based PE database generation and fetching a PE of random choice from the database have been proposed. It has been demonstrated that variation in execution time and guessing password using different client MAC addresses is possible and analyzed that certain number of PE from same password and arbitrary calling of PE from a database raise complexity significantly for the adversary at the expense of extra storage.