Wi-Fi WPA3 security protocol is finally here!!!
In January 2018, Wi-Fi Alliance, the nonprofit organization that certifies Wi-Fi networking standards, had announced WPA3 (Wi-Fi Protected Access III) encryption protocol for safeguarding Wi-Fi networks. Now, almost six months later, Wi-Fi alliance on Monday officially launched the WPA3 security standard for personal and enterprise networks.
WPA3 will replace the former security protocol, WPA2, that’s built in to protect almost every wireless devices including phones, laptops, and the Internet of Things (IoT). This new protocol is the first update since 2004, which is when WPA2 was introduced.
According to Wi-Fi Alliance, WPA3 adds several new features to enhance WPA2 by making Wi-Fi security simpler, offering more robust authentication, and providing increased cryptographic strength, that will make it difficult for hackers to hack your Wi-Fi or spy on your network.
“Wi-Fi® is one of the greatest technology success stories of our time, and for nearly 20 years it has been an engine for the social and economic benefit. Wi-Fi is synonymous with Internet connectivity, yet its broader role in essential business operations around the world is often understated. Unlicensed spectrum is a crucial ingredient in Wi-Fi’s ability to deliver applications and even create entirely new business models which enhance daily productivity and innovation while bringing substantial contributions to our society,” Edgar Figueroa, President, and CEO of Wi-Fi Alliance said in a statement.
WPA3 is built on the WPA2 standard and retains interoperability with WPA2-supported devices while disallowing outdated security protocols. Further, all WPA3 networks require the use of Protected Management Frames (PMF). Based on the personal/enterprise implementation, the key capabilities of WPA3 are as follows:
More resilient, password-based authentication even when users select passwords that fall short of typical complexity recommendations. WPA3 leverages Simultaneous Authentication of Equals (SAE), a secure key establishment protocol between devices, that protects users against offline “dictionary attacks” and provides more robust password-based authentication. It also allows users to choose passwords that are easier to remember. Further, WPA3 supports Persistent Forward Secrecy privacy to protect data traffic, even if a password is compromised after data transmission.
WPA3 introduces a 192-bit security suite aligned with the CNSA (Commercial National Security Algorithm) suite. The Wi-Fi Alliance hence refers to “additional protections for networks transmitting sensitive data, such as government and financial institutions.” This security suite “ensures a consistent association of cryptographic tools deployed on WPA3 networks.”
“WPA3 takes the lead in providing the industry’s strongest protections in the ever-changing security landscape,” Figueroa added. “WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access.”
The Wi-Fi Alliance has also introduced a new, optional Wi-Fi feature called Easy Connect that makes it easier to connect smart home devices like smart speakers with their virtual assistants to your router, with limited or no display interfaces while maintaining high-security standards. It uses a QR code to quickly set up and connect such devices to a network.
Additionally, Wi-Fi Certified Enhanced Open “delivers improved data protections while maintaining the convenience and ease-of-use of open networks”. It is intended for use by the likes of coffee shops, or in guest web portals used by venues such as airports, hotels and sports stadiums.
Although Wi-Fi Alliance is releasing the new protocol today (June 26), it is not expected to arrive in such Wi-Fi certified WPA3 devices until next year anyway.