With WPA3, Wi-Fi security is about to get a lot tougher

by Frankie Norman January 12, 2018, 1:08
With WPA3, Wi-Fi security is about to get a lot tougher

The Wi-Fi Alliance - an industry group that counts Apple, Cisco, Intel, Microsoft, and Qualcomm among its many members - said it intends to keep hammering away at WPA2, even as it rolls out the protocol's successor.

Cnet quoted Wi-Fi Alliance's vice president of marketing Kevin Robinson as saying that the WPA3 encryption would be built in the open network, providing every person who uses it a secure and private channel.

The Wi-Fi Alliance has revealed that the near 15-year-old WPA2 security protocol is to be replaced by WPA3. Although WFA's certification program does focus on interoperability across Wi-Fi devices, Robinson said, the security aspect is often overlooked. As well as addressing the issues surrounding KRACK, WPA3 is claimed to offer four key new capabilities over its predecessor: the introduction of techniques for improving security even when users pick too-simple passphrases, simplified configuration for headless devices which lack display capabilities, per-client rather than per-network encryption, and a new 192-bit security cipher suite created to align with the US Committe on National Security Systems' Commercial National Security Algorithm (CNSA) requirements.

Dubbed WPA3, the first draft of the new standard will be issued later this year.

Two of the new features will focus on protecting users that choose weak passwords (although we're not sure how yet); or have little experience in configuring security settings.

Wi-Fi networks are great for networking because everything is connected without a mess of cables. The most notable problem for WPA2 was the recent discovery of several key management vulnerabilities in the 4-way handshake of its security protocol (aka - KRACK or Key Reinstallation Attacks). For a technology that is a must have these days, you would think that stronger and/or updated protocols would be put in place.

Likewise the WPA3 changes also suggest that traditional Brute Force attacks against WiFi networks, which attempt to extract passwords by bombarding the network with masses of requests using different combinations, could also find life much more challenging as the protocol has been hardened to limit such requests. Simple translation? This means that the connection between your PC or laptop or phone on the Wi-Fi network and the router are encrypted.

Is your Wi-Fi password your name followed by 12345?

"Linux's open source Wi-Fi client and access point already support the improved handshake", Vanhoef wrote on Twitter.


TOP News

Southern California sees deadly mudslides in areas hit by wildfires

Rated WR Calvin Ridley declares for National Football League draft

Trump's election commission was a waste of money serving no proper objective

Overwatch League Partners With Twitch In Two-Year Broadcast Deal

Samsung 146-inch Modular MicroLED TV is The Wall

Manhunt underway for MI couple accused of scalding 4-year-old

Seoul to announce measures on 'defective' sex slavery deal

Serena Williams reveals she had blood clots after giving birth

HTC Launches Viveport VR

Trump Plans to Attend the World Economic Forum in Davos