惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Recent Announcements
Recent Announcements
阮一峰的网络日志
阮一峰的网络日志
爱范儿
爱范儿
博客园_首页
Last Week in AI
Last Week in AI
月光博客
月光博客
有赞技术团队
有赞技术团队
IT之家
IT之家
博客园 - Franky
P
Proofpoint News Feed
Hugging Face - Blog
Hugging Face - Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Microsoft Azure Blog
Microsoft Azure Blog
博客园 - 三生石上(FineUI控件)
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
V
V2EX
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
云风的 BLOG
云风的 BLOG
WordPress大学
WordPress大学
The GitHub Blog
The GitHub Blog
人人都是产品经理
人人都是产品经理
A
About on SuperTechFans
N
Netflix TechBlog - Medium
雷峰网
雷峰网
Recorded Future
Recorded Future
S
Securelist
C
CERT Recently Published Vulnerability Notes
Vercel News
Vercel News
F
Full Disclosure
C
Cybersecurity and Infrastructure Security Agency CISA
A
Arctic Wolf
Simon Willison's Weblog
Simon Willison's Weblog
L
LINUX DO - 热门话题
T
Tenable Blog
MongoDB | Blog
MongoDB | Blog
V
Visual Studio Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Jina AI
Jina AI
TaoSecurity Blog
TaoSecurity Blog
H
Hacker News: Front Page
D
DataBreaches.Net
Google DeepMind News
Google DeepMind News
T
The Exploit Database - CXSecurity.com
S
Security @ Cisco Blogs
W
WeLiveSecurity
酷 壳 – CoolShell
酷 壳 – CoolShell
D
Darknet – Hacking Tools, Hacker News & Cyber Security
SecWiki News
SecWiki News

Cryptology ePrint Archive

Suppressing Hidden Extension-Field Linearity in Rank-Metric Cryptography via Structural Incompatibility DDYF: Differential Dolev-Yao Fuzzing of Cryptographic Protocols Single-Trace Power Analysis of LESS Key Generation BumbleBee: Best-of-Both-Worlds MVBA with Optimal Communication, Latency and Resilience Tradeoffs Maskaglia: A New, Efficient Approach to Masked Discrete Gaussian Sampling Impact of Post-Quantum Signatures on InnoDB B+-Trees and Efficient Batch Signing VeinoCert: Binding an Object to an Owner A New Insight into Constructing Cryptographic Boolean Functions via Walsh Spectral Analysis Quantum algorithm for Discrete Gaussian Sampling A formal analysis of FLEX and FLEX2 Zero-shot deep-unfolding decoder for QC-MDPC McEliece cryptosystems Profiling-Device-Free SASCA Framework for ML-KEM Key-Independent Secret-Key Distinguisher for 7-Round AES based on the Joint Generalized Zero-Difference Property Improved Dual Attack and Trapdoor Sampling via Quantum Rejection Sampling Verifying Consensus Protocols from LLM-assisted TLA$^+$: A Case Study of Byzantine Reliable Broadcast ThriftyMPC: Reducing the Cost of Large-Scale MPC in the Cloud Revisiting DKLs Threshold ECDSA: Enhanced OT-based VOLE and Two-Party Signing Functional Bootstrapping for a Single LWE Ciphertext with \(\tilde{O}(1)\) Polynomial Multiplications LoTRS: Practical Post-Quantum Structured Threshold Ring Signatures from Lattices Asynchronous Lagrange-Based Threshold FHE with Smaller Modulus Overhead Breaking ACDGV MinRank Gabidulin encryption schemes over matrix codes Explicit cost analysis of Toom-4 multiplication for incomplete NTT in lattice-based cryptography Security Analysis on a Blockchain-based Public-Key Authenticated Searchable Encryption Scheme Icy-DVRF: A Distributed Verifiable Random Function based on FROST signatures Frobenius-UOV: A Very Efficient Multivariate Public Key Signature Scheme Revisiting Linear Subspace Trails in Poseidon A New Multiscalar Multiplication Method Resistant to Timing Attacks Device Binding for Anonymous Credentials on Legacy Phones Beyond Quadratic: Unlocking Pseudorandomness with Quartic Character Multi-leveled and ISA/IEC 62443-aware Certificate Transparency to Protect the PKI Service Supply Chain of Operational Technology rBFT: a Revamped Two-Stage BFT from Delegated Committee Delving Deep into Security Guarantees against Integral Distinguishers with Applications to PRESENT, TWINE and LBLOCK On the Communication Complexity of Sleepy Consensus Operationalising Post‑Quantum TLS: Automated Configuration Profiling and Hybrid PQC Deployment in Financial Infrastructure Enhancing Blockchain Proof of Stake with Active Weighted Signatures: The ADAPT Framework Threshold FHE with Short Decryption Shares without a Semi-trusted Server Efficient Bootstrapping in Fully Homomorphic Encryption for Matrix Arithmetic YsPIR: HE-Based Single-Server Private Information Retrieval with Low Communication Cost and High Throughput Black-box validation of Falcon key generation under numerical instability Tight Lattice-Based Signatures without Trapdoors from Search LWE Optimized G+G Signature Storing Less in-the-Head: An Area-Efficient Hardware Architecture for SDitH-v2 SoK: Private LLM Inference using Approximate Homomorphic Encryption BitVM3: Efficient Bitcoin Bridges via Garbled Circuits Private Function Evaluation with Linear Complexity Cryptanalysis of Definite and Indefinite Lattice Isomorphism Problems With Applications to HAWK and DEFI Formalizing and Strengthening the Security Proof of NTOR Verifiable Anomaly and Similarity Detection Using Matrix Profile in Private Time-series Privacy Coins Under Viewing Key Compromise Adaptively-Secure Flexible and Identity-Based Broadcast Encryption from Decomposed LWE Beyond Binary: crosscorrelation of Cubic, Quartic and Quintic Character Sequences A Post-Quantum Accountable Sanitizable Signature Scheme Based on Unbalanced Oil and Vinegar Better Usability: Leakage-Resistant AEADs from Single-length Blockciphers TieredOMap: Skewness-Aware Oblivious Map Formal Verification, Integration and Physical Evaluation of Prime-Field Masking on Silicon New Techniques for Communication-Efficient Secure Comparison Protocols Verifying Provenance of Digital Media: Security Analysis of C2PA and its Implementation EQuADiSE: Efficient Quantum-safe Adaptive Distributed Symmetric-key Encryption Panther: Robust Hybrid KEM Combiners via Structural Splicing Cobra: All-in-one for full-fledged defense — a hybrid nested KEM Cryptanalysis of the Sharafi–Daghigh digital signature scheme Improved Garbled RAM via Garbled Merge MCU: An Efficient and Scalable Nonlinear Function Evaluation in MPC without Preprocessing Related-Key Multi-Pair Neural Distinguishers: Analysis and Applications to Lightweight Block Ciphers MDSS-STAR: Private Heavy-Hitters through Multi-Dealer Secret Sharing How to Authenticate a Non-Deterministic Computation Boolean Arithmetic over $\mathbb{F}_2$ from Group Commutators An Efficient Identity-Based Blind Signature Scheme from SM9 Tighter Bounds for the Oblivious Bit-Fixing Inner Product Extractor on Biased Seeds Counting and recovering the quadratic relations of a vectorial function Perils of Parallelism: Transaction Fee Mechanisms under Execution Uncertainty RoKoko: Lattice-based Succinct Arguments, a Committed Refinement Aggregator-Based Voting using proof of Partition HARE: Compact HQC via Distance-Informed Erasure Decoding A Maliciously-Secure Post-Quantum OPRF from Crypto Dark Matter SoK: Private Transformer-Based Model Inference Byzantine Consensus in the Partially Authenticated Setting Post-Quantum Anonymous Signatures from the Lattice Isomorphism Group Action Issuer-Hiding for BBS Anonymous Credentials via Randomizable Keys Relaxed Modular PCS from Arbitrary PCS and Applications to SNARKs for Integers Key Recovery Attacks on UOV Using $p^\ell$-truncated Polynomial Rings Reducing the Number of Qubits in Quantum Discrete Logarithms on Elliptic Curves PhantomCrypt: Second-Order Deniable Encryption with Post-Quantum Security On the Use of Atkin and Weber Modular Polynomials in Isogeny Proofs of Knowledge Minimizing Mempool Dependency in PoW Mining on Blockchain: A Paradigm Shift with Compressed Block Representation for Enhanced Scalability, Decentralization and Security. Beyond-Birthday-Bound Security with HCTR2: Cascaded Construction and Tweak-based Key Derivation Adaptive NIKE for Unbounded Parties Hyperion: Private Token Sampling with Homomorphic Encryption TSS-PV: Traceable Secret Sharing with Public Verifiability A Graph-Theoretic Framework for Randomness Optimization in First-Order Masked Circuits TensorSwitch: Nearly Optimal Polynomial Commitments from Tensor Codes Auntie: Unobservable Contracts from Zerocash and Trusted Execution Environments Fast Batch Matrix Multiplication in Ciphertexts On the $\gamma$-Spreadness of Average-Case to Worst-Case Transformations On the Regularity of the Generalized Birthday Problem Permutation-Based Hash from Non-Idealized Assumptions: Adding Feed-Forward to Sponge Secret-Key PIR from Random Linear Codes K-Linkable Ring Signatures and Applications in Generalized Voting Dynamic zk-SNARKs (with applications to sparse zk-SNARKs and IVC) ProxCode: Efficient Proximity Searchable Encryption from Error Correcting Codes
Provable Security and Privacy Analysis of WPA3's SAE and SAE-PK Protocols
Shan Chen, Southern University of Science and Technology, Shenzh · 2026-02-21 · via Cryptology ePrint Archive

Paper 2026/348

Provable Security and Privacy Analysis of WPA3's SAE and SAE-PK Protocols

Kaige Pan, Southern University of Science and Technology, Shenzhen, China

Olga Sanina, Technische Universität Darmstadt, Darmstadt, Germany

Abstract

SAE and SAE-PK are the core security protocols introduced in the latest Wi-Fi security standard, WPA3, to protect personal networks. SAE-PK extends SAE to prevent the so-called evil twin attacks, where an attacker with the knowledge of the password attempts to impersonate a legitimate access point. In this work, we present the first provable security and privacy analysis of SAE and SAE-PK. We introduce formal models that capture their intended properties and use these models to analyze the guarantees these protocols provide. First, we identify an attack that prevents SAE from fulfilling its intended authentication guarantees. As a result, SAE can only be proven secure within a weaker security model, which we also formalize and show the proof in. To achieve the desired level of security, we propose two simple fixes, resulting in two efficient SAE protocols that we call SAEv2 and SAEv3. We prove that both protocols meet the intended security guarantees, with SAEv3 providing greater robustness. Next, we prove that SAE-PK is indeed secure against evil twin attacks, but its current design introduces a theoretical vulnerability to offline dictionary attacks, which contradicts the expected security guarantees of SAE-PK as an enhanced password-authenticated key exchange protocol. To remedy this, we show that SAE-PK can be modified with minimal changes to fully realize its desired security goals. Finally, we analyze the privacy guarantees of SAE, SAE-PK, and our proposed enhanced variants. We prove that their cryptographic core preserves the unlinkability of client devices across distinct Wi-Fi networks, if MAC address randomization is properly applied.

BibTeX 

@misc{cryptoeprint:2026/348,
      author = {Shan Chen and Kaige Pan and Olga Sanina},
      title = {Provable Security and Privacy Analysis of {WPA3}'s {SAE} and {SAE}-{PK} Protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/348},
      year = {2026},
      url = {https://eprint.iacr.org/2026/348}
}

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。