Detecting Wi-Fi Networks Vulnerable to FragAttacks: Feasible, but also Ethical?

Prof. Mathy Vanhoef | Start: 13:00 | IAIK seminar room, Inffeldgasse 16a
Abstract: This presentation will first introduce the FragAttacks vulnerabilities (USENIX 2021). The FragAttacks findings consist of three cryptographic design flaws in the fragmentation and aggregation features of Wi-Fi. Additionally, the FragAttacks research discovered multiple widespread implementation flaws related to fragmentation and aggregation. We give a brief overview of these design and implementation vulnerabilities.
An open question is how many Wi-Fi networks in the meantime have been updated to fix these vulnerabilities. In the second part of the presentation, we will show how some of the FragAttacks vulnerabilities can be reliably detected during a Wi-Fi survey (also known as a Wi-Fi wardrive). This would enable researchers to measure how many access points have been updated, and how much of a risk the vulnerabilities still present. Most importantly, we examine the ethical aspects of possibly doing such a Wi-Fi survey, and hope to discuss the ethical aspects of this with the audience.

Short Bio: Mathy Vanhoef is an Assistant Professor at KU Leuven University in Belgium. He's interested in network and software security, where he studies the security of the full network stack, with a focus on Wi-Fi security and applied cryptography. In this area, he tries to bridge the gap between real-world code and theory. He previously discovered the KRACK attack against WPA2 and the Dragonblood attack against WPA3. He also collaborated with the industry to design and standardize two new Wi-Fi defenses. One of these defenses, called beacon protection, will become mandatory in Wi-Fi 7.