Tuesday, January 9th 2018

Wi-Fi Alliance Confirms WPA3 Arrival Later This Year

Wi-Fi Alliance introduces enhancements and new features for Wi-Fi Protected Access, the essential family of Wi-Fi CERTIFIED security technologies for more than a decade. Wi-Fi Alliance is launching configuration, authentication, and encryption enhancements across its portfolio to ensure Wi-Fi CERTIFIED devices continue to implement state of the art security protections.

WPA2 provides reliable security used in billions of Wi-Fi devices every day, and will continue to be deployed in Wi-Fi CERTIFIED devices for the foreseeable future. Wi-Fi Alliance will continue enhancing WPA2 to ensure it delivers strong security protections to Wi-Fi users as the security landscape evolves. Advanced Wi-Fi applications will rely on WPA2 with Protected Management Frames, broadly adopted in the current generation of Wi-Fi CERTIFIED devices, to maintain the resiliency of mission-critical networks. New testing enhancements will also reduce the potential for vulnerabilities due to network misconfiguration, and further safeguard managed networks with centralized authentication services.
Building on the widespread adoption and success of WPA2, Wi-Fi Alliance will also deliver a suite of features to simplify Wi-Fi security configuration for users and service providers, while enhancing Wi-Fi network security protections. Four new capabilities for personal and enterprise Wi-Fi networks will emerge in 2018 as part of Wi-Fi CERTIFIED WPA3. Two of the features will deliver robust protections even when users choose passwords that fall short of typical complexity recommendations, and will simplify the process of configuring security for devices that have limited or no display interface. Another feature will strengthen user privacy in open networks through individualized data encryption. Finally, a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, will further protect Wi-Fi networks with higher security requirements such as government, defense, and industrial.

"Security is a foundation of Wi-Fi Alliance certification programs, and we are excited to introduce new features to the Wi-Fi CERTIFIED family of security solutions," said Edgar Figueroa, president and CEO of Wi-Fi Alliance. "The Wi-Fi CERTIFIED designation means Wi-Fi devices meet the highest standards for interoperability and security protections."

"Wi-Fi security technologies may live for decades, so it's important they are continually updated to ensure they meet the needs of the Wi-Fi industry," said Joe Hoffman, SAR Insight & Consulting. "Wi-Fi is evolving to maintain its high-level of security as industry demands increase."
Add your own comment

6 Comments on Wi-Fi Alliance Confirms WPA3 Arrival Later This Year

#1
qubit
Overclocked quantum bit
This was inevitable after the vulnerability inherent in WPA2 was discovered recently.

Wi-Fi is currently switched off because of this and will stay off until I buy a WPA3 router.
Posted on Reply
#2
RejZoR
It's going to take few years before WPA3 is even adopted by devices. Just having WPA3 capable router means nothing if clients connecting to it don't understand WPA3...
Posted on Reply
#3
Solidstate89
qubit said:
This was inevitable after the vulnerability inherent in WPA2 was discovered recently.

Wi-Fi is currently switched off because of this and will stay off until I buy a WPA3 router.
The flaw discovered in WPA2 was not only patched, but specifically affected the client side of the AP/client equation. So long as you have WPS disabled and use a strong, random password you're still perfectly safe with WPA2.
Posted on Reply
#4
lexluthermiester
Wi-Fi Alliance Confirms WPA3 Arrival Later This Year
About damn time! WPA2 has been vulnerable for years.
RejZoR said:
It's going to take few years before WPA3 is even adopted by devices. Just having WPA3 capable router means nothing if clients connecting to it don't understand WPA3...
Nah. All the major OS's will get driver, protocol and software patches swiftly. Older Android devices though...

Solidstate89 said:
The flaw discovered in WPA2 was not only patched, but specifically affected the client side of the AP/client equation. So long as you have WPS disabled and use a strong, random password you're still perfectly safe with WPA2.
That is not completely correct. While that vulnerability has been patched, thus keeping each wifi connection private, it is still possible to capture packets and thus the network access credentials and steal wifi access to the internet. This is a decently serious problem that needs a solution. Hopefully they get it right.
Posted on Reply
#5
Makaveli
Solidstate89 said:
The flaw discovered in WPA2 was not only patched, but specifically affected the client side of the AP/client equation. So long as you have WPS disabled and use a strong, random password you're still perfectly safe with WPA2.
^^^ This.

Only a router running in reaper / bridge mode has to worry about the KRACK issue. In router mode it not a problem its the client devices you have to worry about and most of them are patched now..
Posted on Reply
#6
qubit
Overclocked quantum bit
Solidstate89 said:
The flaw discovered in WPA2 was not only patched, but specifically affected the client side of the AP/client equation. So long as you have WPS disabled and use a strong, random password you're still perfectly safe with WPA2.
Not quite, since the problem was in the protocol itself, not the implementation. lexluthermiester has explained the problem nicely below.

lexluthermiester said:
That is not completely correct. While that vulnerability has been patched, thus keeping each wifi connection private, it is still possible to capture packets and thus the network access credentials and steal wifi access to the internet. This is a decently serious problem that needs a solution. Hopefully they get it right.
Posted on Reply