Cyber Security

WPA3- The New Wi-Fi Security Standard To Substitute WPA2

Last year in the month of October the complete world was affected by a bug named as KRACK (Key Reinstallation Attacks), that exploits the vulnerabilities found in WPA2 security protocol. Till then, WPA2 was considered completely secure when compared to its predecessor WPA and WEP. However, the attack forced the researchers to find a new security standard that should be more secure than WPA2. Then, finally this year in CES 2018 Wi-Fi alliance introduced a new Wi-Fi security standard WPA3 that promises to resolve the flaws that exist in WPA2.

What Is WPA3?

Before exploring WPA3 it is important to understand what exactly is WPA. WPA is the successor for WEP (Wired Equivalent Privacy) that became outdated because of some serious security flaws.

WPA abbreviated as Wi-Fi Protected Access is a security protocol developed by Wi-Fi alliance to secure wireless computer networks. The number 2 or 3 behind WPA are the version number.

Whenever we connect our device with a Wi-Fi network using password, WPA2 outlines the standard in which a device and the router securely connects and communicate with each other via handshake method.

If we compare WPA2 with WPA1 or WPA then we will find that WPA2 uses more robust AES encryption, that can’t be easily cracked. This encryption ensures that no one can snoop in between the data that is being transferred in between a device and a router.

Which brings us to, WPA3, that is an upgraded version of WPA2 which uses more robust security that even diminishes the flaws find in WPA2.

How Is WPA3 Better than WPA2?

WPA3 standard comes with a newer, better and obviously more secure approach when compared to its predecessor WPA2.  WPA3 adds 4 main features to strengthen security and privacy over Wi-Fi.

Focus Over Security On Open Wi-Fi Networks:

If we talk about public Wi-Fi networks then the data shared over it  is never considered secure. A good example of these open Wi-Fi networks is the one you find at airports. The data sent or received over these type of network is not completely encrypted and it can be easily snooped over by an attacker.

However, Wi-Fi Alliance has taken care of this flaw and has attempted to resolve it in WPA3 by using individualized data encryption. Now, everytime you join a public Wi-Fi network, the data which you send/receive will be encrypted, making public Wi-Fi more private and secure. In this way, user will be more secure while they send any sensitive information on these open Wi-Fi networks.

Complete Protection Against Brute-Force Dictionary Attacks:

As you know that, whenever a device connects to a Wi-Fi network then a correct password needs to be entered in the device. In technical terminology this process is known as handshake, that ensures that the device has entered correct passcode to use the Wi-Fi network. However, the most famous KRACK attack was able to exploit the flaws that exist in handshake method.

Now as per Wi-Fi alliance, WPA3 will “deliver robust protections even when users choose passwords that fall short of typical complexity recommendations”. This means that now WPA3 will protect the users from brute force attacks even if they are using a weak or easy to guess password.

Providing Security to the Devices Without Displays

With the pace at which technology is evolving,  soon all devices will interconnected via Internet. Some common examples are Google Home and Amazon echo that can be operated even without being physically present. However, since these devices do not have display screens, therefore they are connected via app where you have to enter the password to connect that device to a Wi-Fi network.

Now WPA3 will “simplify the process of configuring security for devices that have limited or no display interface.” How will this process be simplified is still a question that has intrigued many.

Advanced Security for Organization With Higher Security Requirements:

The fourth and final feature is for the organizations that have higher security requirements than a home user like defense, government and industries.

Now as per Wi-Fi alliance, WPA3 will provide “a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, will further protect Wi-Fi networks with higher security requirements such as government, defense, and industrial.”

It is finally not clear when WPA3 will come into existence. As per latest news the devices supporting this WPA3 security standard will be released somewhere at the end of 2018.

Leave a comment