Tuesday, June 26th 2018

Wi-Fi Alliance Introduces Wi-Fi CERTIFIED WPA3 Security

Wi-Fi Alliance introduces Wi-Fi CERTIFIED WPA3 , the next generation of Wi-Fi security, bringing new capabilities to enhance Wi-Fi protections in personal and enterprise networks. Building on the widespread adoption of WPA2 over more than a decade, WPA3 adds new features to simplify Wi-Fi security, enable more robust authentication, and deliver increased cryptographic strength for highly sensitive data markets. As the Wi-Fi industry transitions to WPA3 security, WPA2 devices will continue to interoperate and provide recognized security.

WPA3 security continues to support the market through two distinct modes of operation: WPA3-Personal and WPA3-Enterprise. All WPA3 networks use the latest security methods, disallow outdated legacy protocols, and require use of Protected Management Frames (PMF) to maintain resiliency of mission critical networks. Key capabilities of WPA3 include:
  • WPA3-Personal: more resilient, password-based authentication even when users choose passwords that fall short of typical complexity recommendations. WPA3 leverages Simultaneous Authentication of Equals (SAE), a secure key establishment protocol between devices, to provide stronger protections for users against password guessing attempts by third parties.
  • WPA3-Enterprise: offers the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance. The 192-bit security suite ensures a consistent combination of cryptographic tools are deployed across WPA3 networks.
Wi-Fi Alliance introduced enhancements and new features earlier this year for Wi-Fi Protected Access , the essential family of Wi-Fi CERTIFIED security technologies, to ensure WPA2 maintains strong security protections as the wireless landscape evolves. WPA2 continues to be mandatory for all Wi-Fi CERTIFIED devices. As market adoption of WPA3 grows, the new generation of Wi-Fi security will become required for all Wi-Fi CERTIFIED devices. WPA3 maintains interoperability with WPA2 devices through a transitional mode of operation, and Wi-Fi users can remain confident they are protected when connected to secured Wi-Fi CERTIFIED networks.

"WPA3 takes the lead in providing the industry's strongest protections in the ever-changing security landscape," said Edgar Figueroa, President and CEO, Wi-Fi Alliance. "WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access."

Wi-Fi Alliance is also introducing Wi-Fi CERTIFIED Easy Connect , a new program that reduces the complexity of onboarding Wi-Fi devices with limited or no display interface - such as devices coming to market for Internet of Things (IoT) - while still maintaining high security standards. Wi-Fi Easy Connect enables users to securely add any device to a Wi-Fi network using another device with a more robust interface, such as a smartphone, by simply scanning a product quick response (QR) code. Wi-Fi Easy Connect and WPA3 represent the latest evolution in Wi-Fi Alliance programs to ensure users receive a positive experience while remaining securely connected as the security landscape evolves.

"The evolution of Wi-Fi to stay ahead of market needs has been critical to it remaining one of wireless technology's greatest success stories," said Phil Solis, Research Director for IDC. "Wi-Fi Alliance has been instrumental in Wi-Fi's evolution, and diligent about delivering Wi-Fi CERTIFIED programs so users and a variety of markets can rely on the convenience of Wi-Fi connectivity and security to meet their needs."

Wi-Fi Alliance recently introduced Wi-Fi CERTIFIED Enhanced Open, a certification program that delivers new benefits for users in open Wi-Fi networks. In scenarios where user authentication is not desired or distribution of credentials is impractical - such as local coffee shops or guest networks with a web portal in airports, hotels, and sports arenas - Wi-Fi Enhanced Open now delivers improved data protections while maintaining the convenience and ease-of-use of open networks.

For more information, please visit: www.wi-fi.org/security and www.wi-fi.org/wi-fi-easy-connect.
Add your own comment

10 Comments on Wi-Fi Alliance Introduces Wi-Fi CERTIFIED WPA3 Security

#1
Space Lynx
Astronaut
Oh, this is some excellent news. Hopefully this gets rolled out to all major airports in the nation quickly, along with consumer models... I would love to upgrade to this standard.
Posted on Reply
#2
RejZoR
I'm a bit confused about the "cryptographic strength of 192 bit". WPA2 uses AES-256. Which is 256bit crypto algorithm. What's WPA3 using then?
Posted on Reply
#3
R-T-B
RejZoRI'm a bit confused about the "cryptographic strength of 192 bit". WPA2 uses AES-256. Which is 256bit crypto algorithm. What's WPA3 using then?
WPA1/WPA2 utilize a 256-bit shared key, but the actual encryption is done in 128bit.

I'm fairly sure it's all AES or similar.

en.wikipedia.org/wiki/Wi-Fi_Protected_Access
Posted on Reply
#4
windwhirl
And I just changed the router...

So, how long until we see devices with WPA3? And how long until it's broken?
Posted on Reply
#5
R-T-B
windwhirlAnd I just changed the router...

So, how long until we see devices with WPA3? And how long until it's broken?
If it lasts as long as WPA2 did, quite a few years. Heck with KRACK patches WPA2 even is still mostly secure to everything but incredibly weak password based exploits.
Posted on Reply
#6
bonehead123
The REAL question is how much is this "advanced security" gonna cost us ?

Cause you know they wont hesitate to gouge us for it, at least at first anyways :(
Posted on Reply
#7
hat
Enthusiast
Nothing wrong with AES2 until it's time to buy a new router anyway... my 4 year old RT-N66R is holding up just fine.
Posted on Reply
#8
remixedcat
Wow the expense on upgrades for this. Specially for high density like hospitals, hotels, arenas, and conference centers.
Posted on Reply
#9
RejZoR
The problem is not getting the WPA3 capable router, then you need to wait for all the smartphones and laptops to catchup and that will take years. It always has and always will.
Posted on Reply
#10
windwhirl
RejZoRThe problem is not getting the WPA3 capable router, then you need to wait for all the smartphones and laptops to catchup and that will take years. It always has and always will.
And then people like me don't want to stop using insecure devices. I'm still using a Lumia 640 XL, which I'll probably keep using until it stops working. Until now, the only Android phones I've considered for upgrade are Nokia phones with vanilla Android, and that's considering my current phone stops working unexpectedly. And with WPA3 here, I'll probably wait even longer just to make sure everything is WPA3 compatible. Curiously, there is one WPA3 compatible product already, a Qualcomm SoC, the IPQ8065, for home network devices (here is the certificate, in PDF)

The thing that bothers me the most, though, is that the Wi-Fi Alliance waited 14 years to introduce a new standard. And just to rant about it, why the hell are we still using 128 bit encription in consumer devices? It's like they are begging for someone to break WPA3 even sooner than expected...
Posted on Reply
Nov 12th, 2024 16:45 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts