WPA3 – An New Beginning?
The Wi-Fi Alliance will be rolling out the new standard by the end of the year.
WPA3 – The new standard has been long overdue, the pressure was mounting for a new and more secure standard after the discovery of the major vulnerability in WPA-WPA2 codenamed “KRACK – Key Reinstallation Attack”, that allowed attackers to perform sniffing on the “encrypted network”.
WPA3 will be protected against the KRACK vulnerability, the information we have so far on the new features are;
- Stronger Protection, even against weaker passwords – Passwords are at the crux of the WPA3 standards, even for Wi-Fi users who use terrible passwords like “password.” The new standards will offer robust protections even when users choose to protect their documents with “1234,” as well as simplify the process of setting up security for devices with limited or no display interface for smart home devices.
- A new handshake process between networks and devices
- Protection against brute-force dictionary attacks – This is done by blocking authentication after a set number of failed login attempts.
- Individualized data encryption – Uses a stronger 192-bit security suite
“Security is a foundation of Wi-Fi Alliance certification programs, and we are excited to introduce new features to the Wi-fi Certified family of security solutions,” said Edgar Figueroa, president and CEO of Wi-Fi Alliance. “The Wi-fi Certified designation means wi-fi devices meet the highest standards for interoperability and security protections.”
Devices supporting WPA3 are expected to arrive sometime this year, likely within the next few months.
What do you think about the new security protocol, will it affect network penetration testing? Let us know!