The Wi-Fi Alliance yesterday launched WPA3 — its new Wi-Fi security standard, designed to both eliminate known Wi-Fi security vulnerabilities as well as to add various features for future protection. WPA3 marks the first major upgrade to Wi-Fi security since the WPA2 standard was adopted in 2004.
Among the new features present in WPA3 are the following:
1.) Forward Secrecy
Forward secrecy, which previous Wi-Fi security standards lacked, is an important element of WPA3, and refers to the use of unique session encryption keys to prevent parties from recording encrypted network traffic and then decrypting it in the future if they later obtain that network’s encryption password. The risk of such attacks has grown dramatically since 2004, since the cost of storing large amounts of data for long periods of time has plummeted.
2. Stronger Encryption
WPA3 offers an Enterprise version that affords 192-bit encryption, a big improvement over today’s standard 128-bit. (Technically speaking, WPA3 uses AES–GCM with 256-bit keys, but, when one factors in its use of SHA384 for hashing and 384-bit elliptic curves, the effective strength can be calculated to be about 192 bits.)
3. Defenses Against Brute-Force Attacks
One of the ways that hackers frequently obtain access to Wi-Fi networks is by trying (via automated tools) a series of common Wi-Fi passwords. WPA3 makes it far more difficult to execute such attacks, by temporarily blocking authentication requests after several failed attempts.
4. More secure easy connection technology
Wi-Fi Easy Connect, a mechanism for pairing screen-less Internet-of-Things devices to a router by scanning QR codes with one’s phone, replaces today’s Wi-Fi Protected Setup (WPS), which suffers from vulnerabilities that allow hackers to capture router PINs, and thereby obtain the means to connect to the router.
5. Better security when using public WiFi
WPA3 encrypts with a unique encryption key all communications between each device and the Wi-Fi router or access point to which it is connected. As a result, it is much harder for users of the same Wi-Fi network to snoop on one another, or otherwise harm one another.
Of course, while the WPA3 standard now exists, it will take some time until it becomes a de facto standard in homes and offices. But, if you are in the market for a new router, make sure that it supports — or will support – WPA3.