WPA3: Advanced Wi-Fi Security

Wi-Fi networks are everywhere. Homes, businesses, government offices, subway stations, coffee shops: just about anywhere you go, Wi-Fi has made easy to access online data.

They also create one of the biggest security loopholes in any network; their ease of access allows criminals a window into your digital world. Wi-Fi Protected Access 2 (WPA2), is over a decade old and has been broken for over a year, making it vulnerable to cyber attacks.

The Wi-Fi Alliance, a body that determines general security standards for wireless networks, has announced the upcoming release of a new standard, WPA3. This new protocol includes a number of improvements upon WPA2 to increase wireless network security:

  • Device Provisioning Protocol (DPP): This protocol can help ensure that only approved devices access the network by requiring a scan of a device-specific QR code or a generated password string.  This includes IoT devices that may not have a user interface but still require network access.

  • Opportunistic Wireless Encryption (OWE): OWE encrypts open, public wireless networks to prevent data from being intercepted (“eavesdropping attacks”).

  • Suite-B: Stronger encryption algorithms to secure sites such as government offices and banks, though this capability will be available to all users.

  • Simultaneous Authentication of Equals (SAE): Adds an additional security handshake to help protect users using less-secure or commonly-used passwords.

The new standard is currently being rolled out on new Wi-Fi Alliance-certified wireless routers, and full ratification by the IEEE is expected early next year. Newer Wi-Fi routers may allow a software patch to incorporate the new protocol, though older devices will still rely on WPA2 until they are phased out of use.

If you have further questions about what WPA3 means for your wireless network security, contact Nodal! For more information on the new standard and its impending release, check out this RackSolutions article and Cisco’s breakdown of WPA3 and plans for its Meraki devices.