The Wi-Fi Alliance have finally come out and launched the WPA3 – A next generation Wi-Fi security standard that promises to eliminate all the known security vulnerabilities and wireless attacks that are up today including the dangerous KRACK attacks which was discovered by researcher Mathy Vanhoef of imec-DistriNet, KU Leuven, the KRACK attack works by exploiting a 4-way handshake of the WPA2 protocol that’s used to establish a key for encrypting traffic.
Wi-Fi Protected Access (WPA), is a standard designed to authenticate wireless devices using the Advanced Encryption Standard (AES) protocol and is intended to prevent hackers from eavesdropping on your wireless data. This has been a great technology which has not been changed in over a decade. However, late last year, security researchers incovered a severe flaw in the current WPA2 protocol which has been known as K.R.A (Key Re-installation Attack) dubbed as KRACK, that made it possible for attackers to intercept, decrypt and even manipulate WiFi network traffic.
WPA3, What’s New?
The new WPA3 Security standard will replace the existing WPA2 that has been around for over a decade and widely used everyday by billions of devices across the world. There are some big improvements in the WPA3 upgrade that enables device configurations, authentication, and encryption enhancements, making it harder for hackers to hack your Wi-Fi or eavesdrop on your network.
Not only did the Wi-Fi alliance launch WPA3, they have also launched two flavors of latest security protocol – WPA3 – Personal and WPA3 – Enterprise – for personal, enterprise, and IoT wireless networks.
Key Features Provided By The New Protocols
1.) WPA3 Forward Secrecy
WPA3 leverages Simultaneous Authentication of Equals) handshake to offer forward secrecy, a security feature that prevents attackers from decrypting old captured traffic even if they ever learn the password of a network.
2.) Brute-Force Attacks
The new Wi-Fi Protected Access 3 provides real enhanced protection against offline brute-force dictionary attacks, making it harder forhackers to crack your WiFi password – Even if you choose less complex passwords – If you’re using it often and over and over again, you will get brute-forced.
3.) Strong Encryption For Critical Networks
The WPA3 Enterprice handles sensitive information and can protect Wi-Fi connections with 192-bit encryption which means that Government and Industrial organisations can be covered.
4.) Public/Open Wi-Fi
Can the WPA3 protect me in an open network?
The WPA3 uses individualised data encryption technology, a feature that encrypts the wireless traffic between your device and the Wi-Fi access point to mitigate the risk of Man-in-the-middle (MitM) attacks. These passive attacks can be covered through OWE (Opportunistic Wireless Encryptions) a support feature which can be added to the WPA3.
Wi-Fi Easy Connect a feature also launched alongside WPA3 and is the replacement for Wi-Fi Protected Setup (WPS), which has been considered insecure.
With Easy Connect, you will be able to pair your smart gadget with the router by the simple steps of scanning a QR code with your smartphone to have the Wi-Fi credentials automatically sent to the new smart device.
Although this is a great achievement and great news. The WPA2 will not stop working any time soon, as mainstream devices that can support WPA3 have not been released, so it may take many years until new smar gadgets and routers are designed to support WPA3.
This means that WPA2 will not stop operation any time soon, and devices with WPA3 support will still be able to connect with devices that use WPA2 for the working of your gadgets, but WPA3 support will eventually become mandatory as adoption develops and the market growth elevates.
Ins aying this, WPA3 will be set to roll out later this year and is expected to hit mass adoption in late 2019.