Abstract:
The scale of wireless network and the number of wireless devices are increasing day by day. Prevention of
unauthorized access to protect the data in wireless network has become a vital part of wireless security.
Wi-Fi alliance announced WPA3 as successor to WPA2 after the 'Key Reinstallation Attack' was run
against WPA2. WPA3 uses Dragonfly handshake for mutual authentication between a client and an Access
Point. But a serious vulnerability named side channel timing leak was found in the password conversion
method of Dragonfly Handshake. MODP group has taken into consideration for the conversion of password
element because dragonfly supports both MODP and ECC group. Any attacker in the range of a Wi-Fi
network can run a brute- force dictionary attack using the leaked timing information. In this work, a method
has proposed and designed to reduce the Timing Based Side Chanel Attack. This method is consist of three
different parts: Fixing number of iterations, Generation of a database of Password Element, Random choice
of a Password Element from the database. Leaked Timing Information Creation of the signature of
password has been illustrated. Finally, the complications for an attacker to hack the password are stated.
