The WPA3 Security Protocol for Wi-Fi Is Ready for Certification
Earlier this year, the Wi-Fi Alliance introduced the next-generation Wi-Fi authentication protocol called WPA3 for the first time. The consortium has now started certifying routers and devices implementing this new protocol, which means we should have WPA3-enabled devices on the market soon.
A KRACK In Wi-Fi Security
Last year, a Belgian researcher disclosed a serious flaw in the WPA2 security protocol, which allowed attackers to use key reinstallation attacks (KRACKs) to change or reset users’ Wi-Fi encryption keys. Once the attackers could do that, they would be able to read all of a device’s internet traffic in plaintext.
The flaw that allowed these attacks wasn’t in the software implementation of the WPA2 protocol, which is usually what happens with most other similar bugs, but in the WPA2 protocol design itself. Because it was a protocol flaw, it affected all Wi-Fi devices, regardless of what operating system they were running.
The KRACK exploit is what prompted the Wi-Fi Alliance to rush to announce a new security protocol only months after KRACK was first revealed (plus several other months during which the researcher had privately disclosed the bug to the consortium). WPA3 aims to replace the 14-year-old WPA2 protocol.
WPA3 Enhancements
The WPA3 protocol arrives with four main enhancements. Two of them will make password-based authentication more resilient to bruteforce attacks, even when users choose simple passwords for their routers.
Another will offer improved protection to users of open networks through individualized encryption. In other words, you should be more secure when accessing WPA3-enabled airport routers in the future. The fourth feature is a 192-bit security suite for enterprise-level users.
The consortium also introduced the Wi-Fi CERTIFIED Easy Connect program to reduce the complexity of on-boarding new IoT devices, which lack an interface, to a network. Smartphones will also be able to securely connect to a new network in the same way by scanning a QR code.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
-
bit_user Some questions I think most people will have:Reply
1. Does this (always) require a hardware upgrade of routers?
2. What about client devices?
3. What happens to WPA2 devices on a WPA3 router?
-
bit_user An answer to #1 (and partial answer to #2):Reply
This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users. Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together.
Source: https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update -
toadhammer And:Reply
4. When can I get it?
Answer: No time soon. It's just a standard and no products exist yet.
https://www.wi-fi.org/product-finder-results?sort_by=default&sort_order=desc&capabilities=16
5. Will my support this?
Answer: Not nearly enough of them, no. Manufacturers won't respin the firmware on older stuff. But hopefully one of the open-source projects will (like openwrt), but that will likely be quite a while after new products exist. -
bit_user 21094021 said:And:
4. When can I get it?
Answer: No time soon. It's just a standard and no products exist yet.
https://www.wi-fi.org/product-finder-results?sort_by=default&sort_order=desc&capabilities=16
Second sentence of the article:
The consortium has now started certifying routers and devices implementing this new protocol, which means we should have WPA3-enabled devices on the market soon.
So... maybe a couple months?