How will WPA3 improve WiFi security? [source: welivesecurity]
by CIRT Team
In October 2017, researchers made public a serious vulnerability in WPA2, the security protocol that protects most of today’s WiFi networks. This discovery put the protocol’s security in the spotlight and led to discussions about the need for a new standard.
Finally, the WiFi Alliance, the organization that certifies WiFi devices, announced WPA3, a new and enhanced authentication protocol that is set to be rolled out in 2018. This new version isn’t aimed at improving the reputation of WPA2, as various manufacturers are patching the disclosed vulnerability in their updates. Instead, it seeks to implement new features and increase the security of a protocol that hasn’t been improved in the past 13 years.
This new protocol aims to improve authentication and encryption while making wireless networks easier to configure. Crucially for stronger encryption, the new security protocol will feature 192-bit encryption. Although the Alliance did not explicitly state so, it is safe to assume that, like its predecessor and as in WPA, WPA3 will also use a 48-bit initialization vector. That way, the new protocol is in line with the highest security standards and is fit for use in networks with the most stringent security requirements, such as those of governments, defense or industrial systems.
Another notable feature of WPA3 is the implementation of the Dragonfly protocol, also referred to as Simultaneous Authentication of Equals (SAE). This is aimed at improving security at the time of the handshake, which is when the key is being exchanged. As a result, WPA3 is poised to provide robust security even if short or weak passwords are used, i.e. those that don’t contain a combination of letters, numbers and symbols.
This feature is very useful, especially considering that users have difficulties creating strong and hard-to-guess passwords. According to the WiFi Alliance, it will be almost impossible to breach a WiFi network using current methods such as dictionary and brute-force attacks.
Finally, for those who usually work remotely and use public WiFi networks in coffee shops, hotels or at airports, WPA3 will be a robust solution to privacy problems. This is because by applying individualized data encryption – where every connection between a device and a router will be encrypted with a unique key – it seeks to further mitigate the risk of Man-in-the-Middle (MitM) attacks.