Since the inception of Wi-Fi short for Wireless Fidelity, security has always been a major problem since there is no direct connection between the user and the access point therefore acts of eavesdropping , DoS ( Denial Of Service ) attacks, illegitimate access to the routers are very common. Several Wi-Fi security protocols have been devised to counter these issues namely WEP,WPA and WPA-2.
WPA-2 was introduced as a successor to WPA in 2004 . Like its predecessor WPA-2 came in both Personal and Enterprise versions. It uses CCMP (Counter Mode Cipher Block Chain Messaging Authentication Code Protocol ) which provides data confidentiality and authentication proof. It uses AES in counter mode as the primary encryption technique with a 128 bit key size. However, WPA-2 proved vulnerable to KRACK (Key Reinstallation Attacks) in 2017 which exposed the vulnerability of the four way handshake.
14 years down the lane Wi-Fi Alliance announces the WPA-3 protocol, implementation of which is expected to be by the end of 2019. This will benefit millions of Wi-Fi users across the world and also to businesses and industries. WPA-3 will also come in two versions Personal and Enterprise. The Simultaneous Authentication of Equals (SAE) will replace the Pre-Shared Key (PSK) authentication method. This feature will prevent hackers from performing offline brute-force dictionary attacks on the captured handshake unlike WPA /WPA2.
WPA-3 allows accessibility to a network without the use of a shared password ,the new Wi-Fi Device Provisioning Protocol ( DPP ) allows devices to authenticate by scanning QR codes or using NFC tags . Another great feature of WPA-3 is “ individualized data encryption” , hence an authenticate user cannot intercept the traffic of other people connected to the same network. Even if an outsider somehow determines the password, it will not be possible to determine the session keys. Open Wi-Fi networks will no more be a mess and your data will still be encrypted without using any password due to the Wi-Fi Certified Enhanced Open feature which uses the Oppurtunistic Wireless Encryption (OWE) . This will make hackers work twice to break into your system and intercept your data.
Apart from that, WPA-3 also uses a 384 bit Hashed Message Authentication Code to transfer the encryption keys between the router and the devices, even if someone eavesdrop the packet he/she will have a hard time finding the original key . For businesses, industries, government and defense sector WPA-3 Enterprise will pack in 192 bit security suite aligned with Commercial National Security Algorithm (CNSA) suite.
Wi-Fi Easy Connect will replace WPS and will be used with WPA3-Personal devices, this feature will simplify the connection between devices with no display such as IoT’s with the router.
Wi-Fi Alliance had announced that WPA-3 will be available in new routers and it will be upto the vendor to install the protocol in its existing router with a software update. Although Qualcomm has already started making chips for smartphones and tablets that support WPA-3 but it will take time to integrate them into new devices, so we do not need to rush to get a WPA-3 certified right now !