Are all the known WPA3 security flaws fixed now?

At a quick glance, it seems you’re running the first WPA3 deployment without the updates. Do you know which chipset your TP-Link is using?
Qualcomm Atheros QCA9558. I'm not sure how DD-WRT deals with this type of correction, and if the newest firmware would incorporate the latest revision. Brainslayer traditionally includes the corrections quite fast.
Based on what I’ve seen, I believe Merlin does not interfere with WPA3 and leaves it to ASUS to decide what devices have it and which don’t. There are plenty of other security benefits that I’ve read about that you could use with the Merlin fw. I run QUAD9 as my DNS for example, easy setup with the fw. That’s about it lol, I enjoy Merlin fw for the stability.
I was under the impression that WPA3 implementation would be just a matter of software and not really hardware dependent.
 
I was under the impression that WPA3 implementation would be just a matter of software and not really hardware dependent.
I believe this was the original idea. However, the vulnerabilities found (linked in the original post) changed things up. Vendors can still add WPA3 through software updates, even to routers that are no longer sold (if a CPU manufacturer chooses to support WPA3 on those models). However, I think with the patches to WPA3 not being backwards compatible, not being fully patched, and potentially impacting performance, ASUS probably decided to go a different route with which current models have WPA3 and which don’t.

Here’s a link to find which ASUS routers support WPA3. It’s an official ASUS website that links you to the WiFi Alliance.
 
Hi,
Sorry if this question is silly, but does the fact that the firmware offers WPA3, WPA2/WPA3 mean that they are actually supported? Merlin's firmware offers these choices on my router. Also, when I chose WPA3, PMF flipped to Required with no other option. That was okay with my iPhone 11, iPad Pro, and newish laptop, but NOT with my Echo Studio. The Echo Studio will not connect to 5 GHz when PMF is set to Required, only when set to Capable.
 
Here’s a link to find which ASUS routers support WPA3. It’s an official ASUS website that links you to the WiFi Alliance.
That list seems to be incomplete, as it doesn't even list my AX58U as wpa3-capable, even though I'm currently running in WPA3-only mode, and my router even is listed as a WPA3-router on asus.com own website: Asus routers with WPA3

Mcmxmk19:
I made a mistake by recommending running WPA3/WPA2 mixed. Only run this mode if you have a “certified” router (still, only do it at your own risk). Which again can be found in the link.
Yes, that's why I don't run in WPA3/WPA2 mixed mode due to the downgrade vulnerability. I run in WPA3 (with PMF) only-mode.

Also, isn't it fair to assume then that WPA3 with PMF is safer than WPA2 with PMF, since the best and most effective way of breaking WPA3 is by downgrading a mixed WPA3/WPA2 network to WPA2-only and then deploying currently available exploits for WPA2 to break into the network?

I don't understand the argument that WPA2 with PMF is any safer than WPA3 with PMF, when the above is the case. But you seem smart, so maybe you can explain it to me :)

Mcmxmk19:
It’s because WPA3 was not secure. The updates were not backwards compatible and took time to release. It would have been a marketing nightmare for ASUS. It was easier to not deploy the feature as opposed to dealing with the headache.
From what I understood it's mostly due to weak hardware in IoT things, and not some special hardware piece that's necessary for the WPA3 December 2020 fixes. If I understood what I read on the Dragonblood flaws by Mathy Vanhoef, the reason the WPA3 fixes aren't backwards compatible is because the fix for the "time based side channel leak" attack requires fast hardware to run.

The reason is that in order for the wifi-password check to run, iirc a fixed 40 checks no matter what has to be run, even though the password check (on a fancy Diffie-Hellman curve) would have taken just 3 or 4 runs. Some attacker could therefore "easily" guess the password if it knew how many runs it would take for the WPA3 router to authenticate the password, but by setting all "checks" to run 40 times, it's impossible to guess the password. But since running it 40 times supposedly is tough on weaker hardware such as IoT devices, it's deemed "not backwards compatible". Or have I got it all wrong?

Mathy Vanhoef:

Should I use WPA3?

If vendors don't come up with a better variant of WPA3, then you should switch to WPA3 once it is available. After all, we hope that vendors will mitigate most of our attacks, meaning WPA3 will still be an improvement over WPA2. However, there's still a risk that lightweight devices will be unable to implement all countermeasures due to their high overhead.
 
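The post above describes the countermeasure in loose terms; the following is an added example (not code from the thread, from Mathy Vanhoef, or from any router firmware) that models why the side-channel fix costs a fixed 40 iterations. It simulates the SAE "hunting-and-pecking" password-element search on real NIST P-256 parameters: hash (password, counter) to a candidate x-coordinate and test whether it lies on the curve. The early-exit variant stops at the first hit, so its iteration count depends on the password; the fixed-iteration variant always runs all 40 rounds and keeps the first hit. The zero HMAC key and taking x straight from the hash output are constructed simplifications of the spec's MAC-derived seed and KDF step.

```python
"""Added example: fixed-iteration vs early-exit hunting-and-pecking.

Simplified model of the Dragonfly/SAE password-element derivation.
Assumptions (constructed, not from the spec or the thread): a zero HMAC key
instead of the MAC-address-derived key, and the candidate x taken directly
from the HMAC output instead of the spec's KDF expansion.
"""
import hashlib
import hmac

# NIST P-256 domain parameters (real values; a = -3 mod p)
P256_P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
P256_A = P256_P - 3
P256_B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
FIXED_ITERATIONS = 40  # the minimum loop count mandated by the side-channel fix


def is_quadratic_residue(v: int, p: int) -> bool:
    """Euler's criterion: non-zero v is a square mod p iff v^((p-1)/2) == 1."""
    v %= p
    return v != 0 and pow(v, (p - 1) // 2, p) == 1


def candidate_x(password: bytes, counter: int) -> int:
    """Hash (password, counter) to a candidate x-coordinate in [0, p)."""
    digest = hmac.new(b"\x00" * 32, password + bytes([counter]), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % P256_P


def on_curve(x: int) -> bool:
    """True if x^3 + a*x + b is a square mod p, i.e. some y exists for x."""
    rhs = (pow(x, 3, P256_P) + P256_A * x + P256_B) % P256_P
    return is_quadratic_residue(rhs, P256_P)


def hunt_and_peck(password: bytes, constant_time: bool):
    """Return (x_found, iterations_executed).

    constant_time=False: stop at the first hit, so the number of rounds
    (and hence the running time) depends on the password.
    constant_time=True: always run FIXED_ITERATIONS rounds, do the curve
    test every round, and remember only the first hit.
    """
    found = None
    iterations = 0
    for counter in range(1, FIXED_ITERATIONS + 1):
        iterations += 1
        hit = on_curve(candidate_x(password, counter))  # always evaluated
        if hit and found is None:
            found = candidate_x(password, counter)
            if not constant_time:
                break
    return found, iterations


def round_counts(passwords, constant_time: bool):
    """Iteration count per password; the early-exit profile varies, the
    fixed-iteration profile is flat, which is the whole point of the fix."""
    return [hunt_and_peck(pw, constant_time)[1] for pw in passwords]


if __name__ == "__main__":
    sample = [b"correct horse battery staple", b"hunter2", b"Tr0ub4dor&3"]
    print("early-exit rounds :", round_counts(sample, constant_time=False))
    print("fixed rounds      :", round_counts(sample, constant_time=True))
```

Both variants return the same password element, so the fix changes only the work done, not the result: a router that used to finish after a handful of rounds now always does all 40 curve tests, which is the CPU cost the post attributes to weaker IoT hardware.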


Straight from Mathy Vanhoef himself: Use WPA3. That’s good enough for me. :)

Link to tweet
 
WPA2 with PMF
According to Wi-Fi.org:
Configuration Options

Three different configuration options exist for Protected Management Frames. They are listed and explained in detail below:

  • Disable: Disables PMF for a network. It is not recommended to use this setting, only in case non-PMF-capable clients experience connection issues with the “Capable” option.
  • Capable: This should be the default option for an encrypted Wi-Fi network based on WPA2. By selecting this option, both types of clients, capable of PMF or not, can connect to the network. Clients capable of PMF will negotiate it with the AP.
  • Mandatory: Only PMF-capable clients can connect to the network, which makes this the safest option. WPA3-Personal only mode and WPA3-Enterprise with 192-bit security mode activate this option as default.
I tried "mandatory" with WPA2 and couldn't connect my phone to wifi. So WPA2 with PMF mandatory limits greatly your clients.
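As an added example (not from the thread, from the Wi-Fi Alliance, or from ASUS/Merlin firmware), here is how those three PMF options map onto hostapd's `ieee80211w` setting, with the WPA2 and WPA3-only profiles discussed in this thread side by side. It assumes a hostapd-based access point on `wlan0`; the passphrases are placeholders.

```ini
# Added example: PMF "Disable / Capable / Mandatory" as hostapd settings.
# Assumes a hostapd-based AP on wlan0 (not the page's router); passphrases are placeholders.
interface=wlan0
ssid=HomeNet
hw_mode=a
channel=36
wpa=2
rsn_pairwise=CCMP

# Profile 1: WPA2-Personal with PMF "Capable" (ieee80211w=1).
# Non-PMF clients still connect; PMF-capable ones negotiate it.
wpa_key_mgmt=WPA-PSK
wpa_passphrase=CHANGE-ME-placeholder
ieee80211w=1

# Profile 2: WPA3-Personal only, which implies PMF "Mandatory" (ieee80211w=2).
# Uncomment these and remove the WPA-PSK lines above to use it.
# sae_pwe=1 selects the hash-to-element derivation (the side-channel fix);
# 0 keeps the older hunting-and-pecking loop only, 2 allows both.
#wpa_key_mgmt=SAE
#sae_password=CHANGE-ME-placeholder
#ieee80211w=2
#sae_require_mfp=1
#sae_pwe=1

# Profile 3: WPA3/WPA2 transition mode (the mixed mode discussed above).
# PMF is "Capable" for WPA2 clients and required for SAE clients.
#wpa_key_mgmt=WPA-PSK SAE
#wpa_passphrase=CHANGE-ME-placeholder
#sae_password=CHANGE-ME-placeholder
#ieee80211w=1
#sae_require_mfp=1

# PMF "Disable" would be ieee80211w=0; only for clients that fail even with 1.
```

Setting `ieee80211w=2` on the WPA2 profile reproduces the "mandatory" experiment in the post above: clients without PMF support are refused association rather than silently falling back.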
 
Vanhoef recommends WPA3 over WPA2.

Even the «old» / «broken» WPA3 is safer than WPA2. So anyone here recommending WPA2 (with or without PMF) over WPA3 for security reasons (compatibility arguments are a totally different story) shouldn’t do so.
Stupid question time. I follow that WPA3 + mandatory PMF is the 'best' solution, but will that work where the clients (phones, laptops, IoT devices, etc) are pre-WPA3 devices - i.e. does a WPA2 'server' work with WPA2 'clients'? Or in this case is WPA3/WPA2 the least bad option?
 
Stupid question time. I follow that WPA3 + mandatory PMF is the 'best' solution, but will that work where the clients (phones, laptops, IoT devices, etc) are pre-WPA3 devices - i.e. does a WPA2 'server' work with WPA2 'clients'? Or in this case is WPA3/WPA2 the least bad option?
Not to be a dick, but that's completely off-topic.

Please create your own thread with other questions unrelated to WPA3-vulnerabilities/-fixes.
 
Making the connection forget and reconnect works in most cases; turning wifi off/on (on the devices) also works.
Tried that and didn't work. Thanks for the suggestion
 
Not to be a dick, but that's completely off-topic.

Please create your own thread with other questions unrelated to WPA3-vulnerabilities/-fixes.
@torstein Please leave moderation to the forum mods. I saw your report and rejected it.

It's not lost on me that after you pinged @archiel for a WPA3/WPA2 question, you then asked one.
 
@torstein Please leave moderation to the forum mods. I saw your report and rejected it.

It's not lost on me that after you pinged @archiel for a WPA3/WPA2 question, you then asked one.
Reading through this thread, I realise we all skewed slightly off-topic in our posts. Instead of discussing WPA3 flaws and issues, we ended up arguing WPA3 vs WPA2 security-differences.

I therefore apologise for having singled out @archiel and reported his post as off-topic, when my own posts weren't fully-on-topic either.

I admit reporting his post was a bit drastic. I do however respectfully disagree that asking a fellow forum-user to stay on-topic means taking moderation into "my own hands". I think it's fair to ask people to stay on topic. Don't you agree?
 
I contacted Vanhoef on twitter and he recommends WPA3 over WPA2, and says the side-channel leaks have been fixed in the "new" WPA3. He goes on to say that even the "older" WPA3 is safer than WPA2, and recommends switching to it.

What are your thoughts on that @RMerlin ?
WPA3 is better than WPA2, but it's not perfect. If you need perfect security, you need Ethernet.
 
In addition to the Hash-to-Element feature, there is another new WPA3 security feature:
SAE Public Key (SAE-PK): optional feature is available now
Mitigates rogue (or “evil twin”) AP attacks by providing asymmetric (public key) authentication of the AP, combined with mutual isolation of clients on the network

Any idea whether it can be added in a firmware update without requiring new hardware?
 
This is an older thread, but I had some of the same questions, so thanks for answering them here. I have decided to leave both bands on my RT-AX86U to WPA 2 Personal +AES without PMF. My only device that would really take advantage of WPA3 is my iPhone 12 Pro Max. Anyway, it didn't seem worth it to put the Router into mixed mode for one device when WPA 2 works fine.
By the way, the mixed mode seems to work OK for me, as I used it initially, but after reading some more and looking at Asus' recommendations about sticking with WPA 2 Personal +AES for best compatibility, that's when I made my current settings that I use today.
 