29 Jun 2018

The Wi-Fi Alliance officially launched WPA3—the next-generation Wi-Fi security standard which will remove all the known security vulnerabilities and wireless attacks that are up including the dangerous KRACK attacks.

WPA, or Wi-Fi Protected Access is a security technology for networks which is designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and is aimed to prevent hackers from eavesdropping on your wireless data. When you connect to a Wi-Fi network and type in a password, WPA governs the “handshake” that takes place between your device and the router, and the encryption that protects your data.

The current version of this protocol is WPA2 which has been around since 2004. It is better than its predecessors WEP and WPA, but it is not perfect. Last year end the security researchers revealed a severe flaw in the current WPA2 protocol, dubbed KRACK (Key Reinstallation Attack), which allowed the hackers to intercept, decrypt and even manipulate WiFi network traffic.

Most of the device manufacturers patched their devices against KRACK attacks. Even then the WiFi Alliance decided to finalize and launch WPA3 in order to address WPA2’s technical shortcomings from the ground. A decade later, WPA3 is finally here with a lot of new improvements.

WPA3 security standard will replace the existing WPA2 and provides improvements for Wi-Fi enabled devices in terms of configuration, authentication, and encryption enhancements, making it difficult for hackers to hack your Wi-Fi or eavesdrop on your network.

The Wi-Fi Alliance launched two latest security protocol—WPA3-Personal and WPA3-Enterprise—for personal, enterprise, and IoT wireless networks.

Let us take a look at the key features provided by the new protocol:

1.) Protection Against Brute-Force Attacks

WPA3 provides increased protection against offline brute-force dictionary attacks which makes it difficult for the attackers to crack your WiFi password, even if you choose an easier password or by using commonly used passwords over and over again.

2.) WPA3 Forward Secrecy

WPA3 leverages SAE (Simultaneous Authentication of Equals) handshake to offer forward secrecy which is a security feature that prevents attackers from decrypting old captured traffic even if they ever learn the password of a network.

3.) Protecting Wi-Fi Networks

WPA3 strengthens user privacy in open networks through individualized data encryption. This feature encrypts the wireless traffic between your device and the Wi-Fi access point to mitigate the risk of Man-in-the-Middle (MitM) attacks. To prevent such passive attacks, WPA3 could add support for Opportunistic Wireless Encryption (OWE).

4.) Strong Encryption for Critical Networks

Using WPA3 Enterprise, critical Wi-Fi networks handling sensitive information including government and industrial organizations can protect their Wi-Fi connections with 192-bit encryption.

Wi-Fi Easy Connect

Along with WPA3, the WiFi Alliance has also announced a new feature, called Wi-Fi Easy Connect which simplifies the process of pairing smart home gadgets (without any screen or display) to your router.

Wi-Fi Easy Connect is a substitute for Wi-Fi Protected Setup (WPS) which is not secure. With Easy Connect, you will be able to pair your smart gadget with the router by simply scanning a QR code with your smartphone to have the Wi-Fi credentials automatically sent to the new smart device.

It is worth noting that both WPA3 and Wi-Fi Easy Connect will not hit the mainstream right away as this is a multi-years-long process that will require new routers and smart gadgets to support WPA3.

So, the WPA2 will not stop working soon, and devices with WPA3 support will still be able to connect with devices that use WPA2. WPA3 support will eventually become mandatory as adoption grows.

WPA3 is expected to hit mass adoption in late 2019, when it eventually become a requirement for devices to be considered Wi-Fi certified, according to the WiFi Alliance.

Technical Writer,  Blogger,

Leave your thought

This site uses Akismet to reduce spam. Learn how your comment data is processed.