The Wi-Fi Alliance has announced an update to its Wi-Fi Protected Access (WPA) security suite in the form of WPA3. The first major update in more than a decade, WPA3 is a very welcome and much needed refresh with four new features aimed at both personal and enterprise networks.
Image courtesy Blue Coat Photos via Flickr Creative Commons.
The standards body did not go into many details on the new security suite, but did tease a few upcoming features in addition to closing known security vulnerabilities like KRACK. WPA3 uses a new 192-bit security suite "aligned with the Commercial National Security Algorithm (CNSA) suite from the Committee on National Security Systems" which is a collection of encryption techniques and algorithms that are reportedly up to the task of maintaining confidentiality on personal, enterprise, and industrial networks. Open Wi-Fi networks in particular will get the biggest boost from moving to WPA3 with support for individualized data encryption so that communication channels between the access point and users' devices are secured on a per-device basis. Personal networks also get improved security in the form of protections to protect users against themselves and maintain strong encryption even when they choose weak passwords. Setting up these security configurations is also being considered, and the Wi-Fi Alliance is promising easier configuration on devices with limited or no displays.
I am looking forward to more information on WPA3 as an update to WPA2 has been a long time coming. WEP has long been a joke and WPA2 has been vulnerable for a while so I hope that WPA3 lives up to its promises! What is not clear from the announcement is that if new hardware will be required or if WPA3 could be implemented through firmware and software updates. End user devices may be trickier to get updates from manufacturers, but perhaps wireless routers and access points can be upgraded without needing to buy new hardware. I suppose it depends on if radio and other hardware like the hardware accelerators / co processors need upgraded to support the new algorithms or not. In any case if you have been eyeing a new Wi-Fi AP or wireless router, maybe hold off for a few months to see how this shakes out.
Stay tuned for more information as it develops. What are your thoughts on WPA3 and the Wi-Fi Alliance's promises?
It’s nice and all, but what
It’s nice and all, but what about the fact that the “Wi-Fi Alliance” has fucked up every security standard it’s ever made available because of how closed off their development and processes are. Every third word in their press release is basically either trademark or copyright, they’re a complete joke. This is the type of thing that should clearly be a collaborative and open process, but you can’t even view the actual Wi-Fi specification without being a member of the Wi-Fi Alliance, and good luck with that. They didn’t even share a technical specification, just a bunch of marketing speak is what WPA3 is at this point. 192 bit encryption? Good one, guys.
I use an Ethernet cable no
I use an Ethernet cable no Wi-Fi needed and none of the over the air security issues with folks trying to hack in from outside the home or apartment over the air over the Wi-Fi Alliance’s Crap Standards. Latency is much better over the Ethernet anyways.
Yeah I am very much… they
Yeah I am very much… they will have to pry the ethernet out of my cold dead hands type of mindset. Now if only 10GbE adoption would improve. I was excited about the cheaper asus and other cards but hearing they have some issues :-/. Seems the best for the price way to go is used intel gear and direct connect using sfp+ cables still.
There is LOADS of wifi
There is LOADS of wifi devices that will not have their drivers or firmware updates to use this new encryption standard. And it is illogical to think that simply releasing a new standard will result in wifi suddenly becoming secure again. How many people upgraded to an 802.11AC access point within the last two years? We have so many wifi enabled devices in our homes now days. Smart tvs, blu-ray players, security cameras, and etc. all use wifi now days, and now they will need updates or replacement.
Yeah it is going to take
Yeah it is going to take years esp. for client devices like tvs phones iot ect
If you are referring to the
If you are referring to the KRACK vulnerability its been patched. The vulnerability only affected clients not AP’s it only affected AP’s if the AP was authenticating to another AP through wireless. WPA2 still remains secure so long as you have updated your devices.
I recommend you watch security now regarding the KRACK vulnerability.. as well as last weeks episodes that talks about WPA3 in more detail.