WPA3 continues to phase-in AES in all protected scenarios. The real trick is AES-CCMP.CCMP allows AES to be upgraded to CMAC.This compression function allows the encryption of a block of ciphertext to be calculated in much less time than it takes to encrypt a block of plaintext using the cipher itself.Because of the compression, the length of time to send a message is also reduced.However, this compression process is vulnerable to a recently-discovered cryptanalysis technique called a cryptanalytic compression attack (CCA).
Information theory basics tell us that the use of a cipher means we use energy and time to encrypt a message. Sometimes, we waste more energy/time than we saved in the same time by using a (faster) cipher.
Cryptanalytic attacks target the cipher algorithm itself. These attacks are very complex, and rely on mathematical proofs. With public benchmarks, the results can be reproduced and published almost in real time.
The threat model for this attack is typical of modern access control, where the goal is to identify whether a user has the legitimate authorization to access a resource. The difference is that this attack is aimed at an authentication mechanism, and not at a user ID check.The attack is quite subtle, the first sign of a KRACK happens when an opponent challenges the client to a handshake (in WPA2, called an "authentication frame", while in WPA3 we call this the 4-way handshake), and the client fails to return a valid response in a timely manner. When we analyze the traffic between the client and WiFi access point, we see that the access point is sending a series of different handshakes, while the client is sending a response to each handshake but only gets 20% of the expected data. This is because the client is impatient and sends only the correct response without waiting for the 20% of data that has been sent by the access point. d2c66b5586