See more
See less

Wi-Fi Alliance announces WPA3


  • Wi-Fi Alliance announces WPA3

    The Wi-Fi Alliance announced the WPA3 standard officially on Monday. The new wireless network security standard will replace WPA2 eventually.

    WPA2, which stands for Wi-Fi Protected Access 2, is the current security standard for wireless networks.

    Practically any device — smartphones, routers, laptops, IoT devices — with wireless connectivity supports the nearly 2-decade old standard. Security researchers discovered a vulnerability in WPA in October 2017. KRACK, Key Reinstallation Attacks, works against all WPA2 protected Wi-Fi networks and can be abused to steal sensitive information and other data.
    Features of WPA3

    The press release that the Wi-Fi Alliance put out on Monday reveals four new features of WPA3. Three of the features improve security significantly.

    The first introduces individualized data encryption. It resolves a long-standing issue of open WiFi networks by encrypting connections between devices on the network and the router individually. This blocks any other connected device from snooping on or manipulating traffic of other devices connected to the same network.

    The press release lacked further information but it could be that Opportunistic Wireless Encryption is used for the feature.
    With OWE, the client and AP perform a Diffie-Hellman key exchange during the access procedure and use the resulting pairwise secret with the 4-way handshake instead of using a shared and public PSK in the 4-way handshake.

    OWE requires no special configuration or user interaction but provides a higher level of security than a common, shared, and public PSK. OWE not only provides more security to the end user, it is also easier to use both for the provider and the end user because there
    are no public keys to maintain, share, or manage.
    The second improvement protects the wireless network better against brute-force attacks. Brute-force attacks try different passwords, often by using dictionaries of common passwords, to get into the system.

    WPA3 features anti-brute-force protection. Requests will be blocked after the system notices several failed authentication attempts.

    The third security-related improvement is an improved cryptographic standard.
    Finally, a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, will further protect Wi-Fi networks with higher security requirements such as government, defense, and industrial.
    No information other than that it is a 192-bit security suite was revealed.

    Finally, WPA3 supports a new configuration feature that makes the configuration of devices without screens easier. Basically, what it enables users to do is set up WPA3 options a device using another device.

    WPA3-certified devices are expected to become available later this year. Bleeping Computer had a chance to talk to Mathy Vanhoef, the researcher who discovered the KRACK attack on WPA2. He told Bleeping Computer that Linux’s open source Wi-Fi client and access point support the improved handshake already, but that it has not been used in practice.

    The Wi-Fi Alliance will continue to deploy WPA2 in Wi-Fi Certified devices. Devices that support WPA3 will work with WPA2 devices.

    It is unclear whether new hardware is explicitly required, or if firmware updates may introduce WPA3 support as well.

    Source: gHacks Technology News.

      Posting comments is disabled.



    Article Tags


    Latest Articles


    • WIN WIN WIN 7 years of Freaktab, thank you all WIN WIN WIN

      Thanks to our Users, Sponsors, Devs and Mods:

      Click to win:

      What prizes do we have exactly in the Giveaway in order to win?

      1. OUKITEL WP5000

      2. PROBOX2 AVA

      3. ZIDOO H6 PRO

      4. UGOOS AM3

      5. UGOOS AM3

      6. UGOOS AM3

      7. RKM MK22
      04-15-2018, 13:45
    • New Android TV dongle passes through the FCC with Google Logo, Assistant enabled remote and Oreo on board

      If you’re a keen watcher of the US Federal Communications Commission (FCC), then a new device from Shenzhen SEI Robotics Co., Ltd. labelled a ‘4K ATV Stick’ will probably have piqued your interest, with the external photos showing off a HDMI dongle, with Google Logo running the latest version of Android TV and with a Google Assistant enabled voice remote.

      As you can see from the images the dongle is extremely reminiscent of the Chromecast dongles that have been massively popular
      04-10-2018, 15:16
    • Google removes ‘Kodi’ from search autocomplete in anti-piracy effort
      Google has banned the term “Kodi” from its autocomplete feature, meaning those who look for information on the set-top box will have to type out the full term in order to search, as reported by TorrentFreak. Google has been increasing its anti-piracy efforts in recent years, banning terms from autocomplete and making changes to its search algorithms in order to demote copyright-infringing material.

      While Kodi is legal software in a set-top box for streaming, it supports a myriad of
      03-29-2018, 14:06
    • Google starts blocking its apps on uncertified Android devices
      If you're fond of loading custom ROMs on your Android phone, life just became complicated. Google has quietly started blocking access to its apps on uncertified devices whose firmware was built after March 16th. If you're affected, you'll get a warning that a device is "not certified" and can't sign into a Google account. This won't prevent you from loading ROMs, but you'll have to register your device IDs on a white list every time you undergo a factory reset -- when there's a 100-ID...
      03-26-2018, 14:42
    • AMD Responds To CPU Security Flaw Report
      AMD has finally issued a full response to CTS Labs’ report that Ryzen and EPYC processors contain a total of 13 security flaws. Here’s the short version of the chipmakers’ response:
      • Exploitation of the vulnerabilities requires admin access
      • The vulnerabilities have to do with firmware and chipsets, not the x86 architecture
      • Patches are coming in the form of BIOS updates and firmware patches only--no microcode updates are required--via OEMs and ODMs
      • All issues will be addressed within “weeks,”
      03-20-2018, 13:37
    • SPMC creator ends the app’s development and joins the MrMC team

      Chris Browet, the creator of SPMC, a popular forked version of Kodi, has announced that he is joining the team behind MrMC, another popular forked version of Kodi. As a result, development of SPMC is coming to an end so that Browet, also commonly known by the handle koying, can concentrate on his new role of maintaining MrMC’s development for Android and Fire OS devices.

      MrMC and SPMC are easily among the most popular forked versions of Kodi, a media center app that is
      03-18-2018, 22:43