Wi-Fi Alliance has announced the new WPA3 protocol, which is slated to provide better network security over the current WPA2 encryption method. The new protocol adds additional capabilities for enhancing Wi-Fi protection of both personal and enterprise networks, and is said to provide more ‘resilient’ protection when a weak password is used that does not meet minimum typical complexity recommendations. All WPA3 networks are said to make use of latest security methods while rejecting outdated legacy protocols, and require the use of Protected Management Frames (PMF) to maintain “resiliency of mission-critical networks.”
WPA3 features two modes of operation, WPA3-Personal and WPA3-Enterprise. The personal profile of the encryption method applies for a layman and it makes use of Simultaneous Authentication of Equals (SAE) key establishment protocol between devices, which provides stronger protections against third parties that try password guessing. This means that it should be harder for brute-force attacks to work on weaker passwords. Now, with WPA3-Enterprise, users are said to get security equivalent of “192-bit” cryptographic strength. The WiFi Alliance says that a combination of cryptographic tools are deployed across WPA3 networks while using the 192-bit security suite.
“WPA3 takes the lead in providing the industry’s strongest protections in the ever-changing security landscape,” said Edgar Figueroa, President and CEO of Wi-Fi Alliance. “WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access.” The alliance is also introducing a new Wi-Fi CERTIFIED Easy Connect program, which will reduce the complexity of Wi-Fi devices that have limited or no display interface, like IoT devices.
For connecting devices to a Wi-Fi network, users will be able to simply scan a QR code.
The support for WPA3 on devices depends on the manufacturing companies and when they roll out patches for enabling the new protocol. Additionally, WPA3 will maintain interoperability with WPA2 devices but WPA3 support will eventually become mandatory on all new devices that pass through Wi-Fi certification.