A new announcement has been made in regards of the Wi-Fi Alliance (the organization managing wireless internet technologies): the official release of WPA3 is already a fact:
Wi-Fi Alliance® introduces Wi-Fi CERTIFIED WPA3™, the next generation of Wi-Fi® security, bringing new capabilities to enhance Wi-Fi protections in personal and enterprise networks. Building on the widespread adoption of WPA2™ over more than a decade, WPA3™ adds new features to simplify Wi-Fi security, enable more robust authentication, and deliver increased cryptographic strength for highly sensitive data markets. As the Wi-Fi industry transitions to WPA3 security, WPA2 devices will continue to interoperate and provide recognized security, the statement reads.
WPA3 Comes after the KRACK Vulnerability
In other words, WPA3 is the latest version of Wi-Fi Protected Access otherwise known as WPA – a user authentication technology aimed at wireless connections. The Alliance started developing WPA3 after the discovery of the KRACK vulnerability within the WPA2 protocol. The flaw allowed attackers to gain access to Wi-Fi transmissions guarded by the WPA2 standard.
The Krack attack was capable of exploiting the way the security handshake of the WPA2 encryption protocol is handled. This is a sequence of requests and answers that deliver cryptographically protected data. The researchers uncovered that when the third step is sent using multiple times, in some situations a cryptographic message can be reused in a way which effectively disrupts the security measures.
Currently, WPA3 is optional for brand new device models. However, it is expected to become the ultimate Wi-Fi authentication standard for all Wi-Fi-enabled devices in the years to come. Even though no particular date has been outlined, WPA3 will sustain interoperability with older WPA2 devices so that the transition is flawless.
Some of the key capabilities of WPA3 include WPA3-Personal and WPA3-Enterprise:
- WPA3-Personal is conceived as a more resilient, password-based authentication even when users choose passwords that fall short of typical complexity recommendations, as explained by the Alliance. WPA3 uses Simultaneous Authentication of Equals (SAE), a secure key establishment protocol between devices, to provide stronger protections for users against password guessing attempts by third parties.
- WPA3-Enterprise is designed to offer the equivalent of 192-bit cryptographic strength, which provides additional protections for networks transmitting sensitive data, such as governmental or financial organizations. The 192-bit security suite serves to ensure a consistent combination of cryptographic tools are deployed across WPA3 networks.
Wi-Fi Enhanced Open Also Introduced
The Alliance also recently introduced the Wi-Fi CERTIFIED Enhanced Open – a certification program that delivers new benefits for users in open Wi-Fi networks, the announcement reads. Why is Wi-Fi Enhanced Open needed?
In scenarios where user authentication is not desired or distribution of credentials is impractical – such as local coffee shops or guest networks with a web portal in airports, hotels, and sports arenas – Wi-Fi Enhanced Open™ now delivers improved data protections while maintaining the convenience and ease-of-use of open networks.
This technology leverages an algorithm called Opportunistic Wireless Encryption (OWE) which is used to encrypt connections between a Wi-Fi user and the router/access point via its own custom encryption key.
This type of encryption averts local attackers from snooping on user traffic, even in cases when the network doesn’t require a password to connect to it.
Do You Know What Wi-Fi Stands For?
As explained by Webopedia, there is a common misconception about the term Wi-Fi – that it is short for “wireless fidelity.” This is not true at all as Wi-Fi is simply a trademarked term, meaning IEEE 802.11x. This misconception has spread to such an extent that even industry leaders have added the phrase “wireless fidelity” in a press release while in fact Wi-Fi doesn’t stand for anything.