all about the new protocol WiFi security
Feb 6, 2018 // By:admin // No Comment
Krack fault detected in October 2017 in the WiFi security protocol WPA2 . Only three months separated the publication of the vulnerability and the announcement of the new WPA3 protocol by The WiFi Alliance consortium was at the 2018 edition of CES in Las Vegas in January 2018. What do we know about the new technology?
The WPA3 protocol: what is it
If you have already configured a conventional router or Internet Box, the WPA protocol is certainly no stranger to you, especially the WPA2 which is the latest WiFi protection standard of the WiFi consortium Alliance.The first routers compatible with the second generation of the standard have been marketed in 2004, so for about 14 years. It is still the most used protocol.
Regardless of the number it carries, the WPA security standard protects communications between a device and the WiFi network to which it is connected and which is closed to using a password. Unlike the first-generation WPA standard, the second provides strong AES encryption that gives some assurance that the exchanges between a Wi-Fi access point and a Wi-Fi client (laptop, smartphones, ect.) Will be protected interceptions. WPA 3 to be deployed during 2018 will bring new features for better security on the networks.
The differences between WPA2 and WPA3
Wi-Fi Alliance says it wants to provide a series of features to simplify the configuration of Wi-Fi security for users, while improving network protection and security. The WPA3 standard brings four new features. Manufacturers must abide by them to have the right to market their devices with the “Wi-Fi CERTIFIED ™ WPA3 ™” label. Wi-Fi Alliance has outlined the novelties, waiting to tell us more about the technical details.
Protection against brute force attacks
With WPA3, even if you use a weak password, the protocol protects you from brute force attacks, ie when someone tries to identify the password using a robot programmed for this task. This is published in the press release published in January by WiFi Alliance.
Two of these features will provide robust protections even when users choose passwords that do not meet the usual complexity recommendations
Protection on public WiFi networks
Currently, on open public Wi-Fi networks , which are not protected by any password, the traffic that passes between the connected devices and the access point is not encrypted, even if HTTPS web sites improve things a little bit, and this only concerns surfing.
WPA3 brings evolutions on this aspect by using the “individualized encryption of the data”. When you connect to an open Wi-Fi network, traffic between your device and the Wi-Fi access point will still be encrypted. This means that each user should be in a private channel, which will make public Wi-Fi networks open much safer since you will have to crack the encryption to be able to intercept data.
Better security for government agencies
WiFi Alliance explains that the fourth feature will be “a 192-bit security suite, aligned with the CNSA (Commercial National Security Algorithm) suite.” This belongs to the NSA. The fourth improvement is a requested change to strengthen encryption on its sensitive networks.