|LANCOM Systems Support KnowledgeBase - Support Information|
Document No: 1904.0413.1254.RHOO
The Wi-Fi encryption standard WPA3 was adopted in June 2018 as a supplement to the existing WPA2 standard.
The WPA3 implementation, as used by LANCOM Systems among others, features the WPA2/WPA3 mixed mode. This ensures that not only WPA3-Personal™ enabled Wi-Fi clients are able to operate the latest Wi-Fi, but also that clients that only support the WPA2 standard are also able to access the Wi-Fi using WPA2 encryption.
However, this mixed mode is vulnerable to so-called downgrade & dictionary attacks:
If a wireless client and a (LANCOM) access point use the WPA2/WPA3 mixed mode, a potential attacker could set up a rogue access point that supports WPA2 only. Here, even WPA3-enabled wireless clients are forced to connect using WPA2 with the potential threat from dictionary attacks.
Although the Wi-Fi client would detect the “downgrade to WPA2 attack”, this is already too late if the legitimate (LANCOM) access point sends message 3 of the 4-way handshake. The 4-way handshake messages that were exchanged before the downgrade was detected can be misused to launch a dictionary attack on the network.
This is a vulnerability in the standard itself, and is not manufacturer-specific. The described behavior can ultimately only be resolved by further development of WPA3-Personal™.
What can I do to avoid being attacked?
The vulnerabilities were discovered by security researcher Mathy Vanhoef and described in his paper “Dragonblood: A Security Analysis of WPA3’s SAE Handshake”.