WPA3, WiFi Encryption Protocol: things you should know

The WiFi Alliance announced an alternative to WPA2, the WPA3 WiFi encryption protocol, at this CES show in Las Vegas. What new changes WPA3 and WPA3 will bring? WPA2 to WPA3 conversion and related solutions will give enterprises and end users what impact?

WPA2 is no longer safe

The long-standing WPA2 (WiFi Protected Access 2) protocol, which is a standard wireless network security protocol, was hit hard on October 16, 2017, and has been exposed as a serious security hole in the “KRACK” key reloading attack vortex. As Mathy Vanhoef of imec-DistriNet team said at the time, a series of bugs in the core of the WPA2 protocol could potentially expose the WiFi connection to attacks. An attacker exploits the vulnerability to gain access to the site, spying on all traffic between access points, listening for wireless connections, and injecting data into wireless streams, and the era of WPA2 is finally over.

The team designed a conceptual test to show that disrupting access to the WPA2 secure network does not require high costs or complex technologies. This certification actually challenges all modern WiFi networks, including most corporate networks. About WPA2 Since the announcement of this security vulnerability, various agencies including the WiFi Alliance have been working hard to solve the problem.

Four advantages of WPA3

According to developers, WPA3 will continue to use four new features based on WPA2 principles (configuration, authentication, and encryption), WPA3 will provide more powerful protection for one of the features, even when the user selected a simple password You can also advise users to increase the password complexity.

Another feature is that WPA3 will simplify the display interface constraints and even include the security configuration flow for devices that do not have a display interface. That is, you can use a nearby WiFi device as a configuration panel for other devices. For example, users will be able to configure a WiFi WPA3 option for another screenless device (a small IoT device such as a smart lock, smart light bulb, etc.) using a phone or tablet.

The third function, “Personalized Data Encryption,” aims to help enhance user privacy with targeted data encryption based on open networks. According to some experts, this goal can be achieved through Opportunistic Wireless Encryption (OWE), a type of authentication-free encryption technology that will be used between each device and a router or access point Encryption connection, encryption, a larger scope.

Finally, it will use a 192-bit security suite that interfaces with the National Security Algorithm for Commercial Applications (CNSA) proposed by the National Security Systems Commission to further protect the WiFi used in government, defense, or other high-security-demanding industries The internet.

Why is it safer than WPA2?

WPA2 uses the so-called four-way handshake design, which ensures that users and access points use the same password when they join the WiFi network. Attackers also use the same process to access network traffic. WPA3 uses a new handshake mechanism and is not vulnerable to brute force.

In addition to using targeted encryption to secure connections between devices and routers on the network, the new 192-bit security suite also makes WPA3 truly a solution to the needs of the times. WPA3 obvious advantages, even if there is no loopholes WPA2, WPA3 applications will also be more widely used.

What impact will WPA3 bring to the enterprise?

Almost all WiFI connections are using WPA and WPA2, and all existing WiFi connections are easily accessible and snooping, which means that most businesses will be severely affected by vulnerabilities, which may become a key security issue for businesses.

This also means that 41% of Android devices will not escape this robbery. The report, published in October 2017, mentions that a very “destructive” variant of attacks using WPA2 vulnerabilities is specific to the Android platform. Based on this, attackers will be able to perform malicious code injection and perform various attacks (including ransomware attacks), so the combination of Android devices plus WPA2 is likely to pose a serious threat to the corporate network.

Currently, WPA3 has been publicly released, this new agreement will soon be adopted on a large scale. In the meantime, businesses and users will be able to improve their level of security to some extent by controlling network traffic and avoiding the use of wireless connections wherever possible. Although this suggestion is somewhat harsh at the moment when everyone is connected to WiFi, it is not impossible.