The new wireless security protocol is poised to make hacking Wi-Fi connections a whole lot harder.
The Wi-Fi Alliance on Monday officially launched WPA3, a new Wi-Fi security protocol that is designed to enhance wireless security.
The new standard “adds new features to simplify Wi-Fi security, enable more robust authentication, and deliver increased cryptographic strength for highly sensitive data markets,” according to the Wi-Fi Alliance, a nonprofit group that certifies Wi-Fi networking standards.
The latest iteration of WPA (short for “Wi-Fi Protected Access”) comes in two flavors – personal and enterprise. They share a number of features, such as the latest security methods and the non-acceptance of legacy protocols, but each mode of operation also contains additional capabilities that take into account differences between the usages of, and requirements for, home versus enterprise networks.
One of the notable security enhancements brought by WPA3 resides in protection against password-guessing attacks, such as dictionary attacks, in which malefactors take countless stabs at a password in a bid to arrive at the right one. This new safeguard is thanks to an authentication handshake called Simultaneous Authentication of Equals (SAE) and also applies to cases when users choose simple and easy-to-break passwords – a very common scenario indeed.
In addition, WPA3 supports forward secrecy, meaning that even if a password is compromised, attackers can’t decrypt Wi-Fi traffic transmitted prior to the intrusion. Of note is also the fact that the new features don’t impose any extra burden or inconvenience on the user.
For enterprise networks, WPA3 “offers the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance”.
In addition, the Alliance announced Wi-Fi Easy Connect, which is a feature that is intended to securely get devices with limited or no display interface – notably Internet-of-Things (IoT) gadgets – onto a network by scanning QR codes with a smartphone.
Do you find it hard to resist using free public Wi-Fi? If so, the Wi-Fi Alliance has some good news for you, too. The announcement on launching WPA3 also notes the release earlier this month of Wi-Fi CERTIFIED Enhanced Open, a technology that supports individualized data encryption in a bid to counter the risk of threats such as Man-in-the-Middle (MiTM) attacks.
WPA3 is a successor to WPA2, which was launched way back in 2004 and is widely used for securing Wi-Fi traffic. WPA2 security was recently in the spotlight after researchers found that the protocol suffers from a series of serious flaws that they dubbed ‘KRACK’. Although many device manufacturers have since sealed up the cracks, the discovery highlighted concerns surrounding wireless connections.
It remains to be seen when WPA3-enabled products will enter the market, although it is very likely to take quite some time before they reach broad implementation. For the time being, WPA3 is optional for newly-manufactured devices and it retains interoperability with WPA2 devices through a transitional mode of operation, said the Wi-Fi Alliance.
written by Tomas Foltyn, ESET We Live Security