The Wi-Fi Alliance, a non-profit organization that tests and slaps the “Wi-Fi Certified” logo on products that meet certain standards of interoperability, has announced enhancements for WPA2 and the imminent introduction of WPA3.
According to a new report from ZDNet, the Wi-Fi Alliance, backed by industry giants including Apple, Cisco, Intel and Microsoft, will oversee the introduction of a new version of the WPA set of security technologies used in all Wi-Fi certified devices.
WPA3 comes bundled with a mechanism that offers protection against brute-force attacks, often referred to as the “trial and error” method used by attackers to decode encrypted data. WPA3 combats these brute force attacks by blocking the Wi-Fi authentication after a series of failed attempts.
Additionally, one of the biggest advantages of WPA3 is the way it protects public, open Wi-Fi networks. These are usually open and unencrypted, which means whoever uses them is quite vulnerable to snooping and data theft. WPA3 will solve this problem by employing individualized data encryption, which will scramble the connection between any two devices on the network.
The move away from WPA2 is certainly a welcome one. Back in October, security researchers discovered severe security issues in the protocol. KRACK, short for Key Reinstallation AttaCK, exploited vulnerabilities in the four-way handshake of WPA2 that takes place when a client wants to join a protected Wi-Fi network.
WPA3’s rollout process is expected to proceed smoothly as vendors get on board with the new protocol, and most knew WPA2’s time was up when they received word of the KRACK vulnerability under embargo.
“The standards behind WPA3 already existed for a while,” says Mathy Vanhoef, the author of the KRACK attack on WPA2. “But now devices are required to support them, otherwise they’re won’t receive the ‘WPA3-certified’ label.”
“Linux’s open source Wi-Fi client and access point already support the improved handshake,” he added. “It just isn’t used in practice.. But hopefully, that will change now.”