A Chosen Random Value Attack on WPA3 SAE Authentication Protocol

Abstract

Simultaneous Authentication of Equals (SAE) is a password-authenticated key exchange protocol that is designed to replace the WPA2-PSK-based authentication. The SAE authenticated key exchange protocol supports the peer-to-peer authentication and is one of the major authentication mechanisms of the Authentication and Key Management Suite specified within Wi-Fi. The SAE authenticated key exchange protocol has been widely implemented in today's Wi-Fi devices as part of major security feature upgrades and is regarded as the third generation of Wi-Fi Protected Access. This article presents a way of attacking the weaker randomness generation algorithm within the SAE protocols, which can lead to successful impersonation types of attacks. We also suggest some protocol amendments for protection. It is recommended that SAE implementations should be upgraded to ensure protection against these attacks.