Home Hacking News WPA3, A New Wi-Fi standard is here to improve security

WPA3, A New Wi-Fi standard is here to improve security

by Harikrishna Mekala

WPA3 will explain Wi-Fi configuration while implementing improved security and data encryption, published the Wi-Fi Alliance, a criteria organization whose segments include Apple, Microsoft, Intel, Samsung, Cisco and other leading technology companies.

One notable story of the new model is that it will protect Wi-Fi relationships even when users choose a weak phrase that “falls short of typical complexity characters.” This expects it will likely include guards against brute-force dictionary-based attacks, one of the most successful methods of breaking into wireless networks.

There aren’t any scientific details available for WPA3 because the technical specification hasn’t been published yet. However, Mathy Vanhoef, an academic researcher from the University of Leuven, believes that the brute-force security in WPA3 will be resolved by switching to a new key exchange protocol called Simultaneous Authentication of Equals (SAE), or Dragonfly.

A few months ago, Vanhoef discovered a serious weakness in the four-way handshake of the WPA2 protocol, which is used by customers who know a Wi-Fi network’s pre-shared key (password) to negotiate an encryption key with the access point. There are applications to mitigate Vanhoef’s attack, dubbed KRACK, but it wouldn’t be unusual if the Wi-Fi Alliance opted for a more robust key exchange mechanism in WPA2’s successor.

“Linux’s open source Wi-Fi client and access point previously support the improved handshake,” the researcher said on Twitter. “It just isn’t used in practice. But hopefully, that will change now.”

WPA3 is also supposed to encrypt connections on open Wi-Fi networks which, until now, offered no security and privacy to users. According to Vanhoef, this might be achieved through a mechanism called Opportunistic Wireless Encryption.

Opportunistic encryption, which has also been offered for other protocols, such as HTTP2, does not provide the same level of security and presumption as authenticated encryption but is generally viewed as a better option than having no encryption at all.

Another published WPA3 feature will allow users to more easily configure Wi-Fi connections for devices that don’t have an LCD screen or another human input interface, such as sensors, IoT devices, and even some printers. This will probably be done through a nearby device like a mobile phone, but there are no exact details yet about how exactly it will work.

Take your time to comment on this article.

You may also like