The 2022 Pwnie Nominee For Best Cryptographic Attack

Dragondoom

The researchers identified a collection of side-channel vulnerabilities of varying strength that allow attackers to recover users’ passwords in widely deployed Wi-Fi daemons, such as hostap in its default settings. Their findings target both password conversion methods: the legacy probabilistic hunting-and-pecking method and its newly standardized deterministic alternative, SSWU. They successfully exploit this leakage in practice through micro-architectural mechanisms, despite the limited spatial resolution of Flush+Reload. Their attacks outperform previous works, such as Dragonblood, in terms of required micro-architectural measurements. Three popular projects have acknowledged and patched the identified vulnerabilities: hostap, FreeRADIUS and iwd.