WPA3 New Wi-Fi Standard Released

  • 0

WPA3 New Wi-Fi Standard Released

Category : Uncategorized

WPA3 New Wi-Fi Standard Released

WPA stands for Wi-Fi Protected Access, and is a security technology for Wi-Fi networks. It was developed in response to the weaknesses of WEP (Wired Equivalent Privacy), and therefore improves on WEP’s authentication and encryption features.

Wi-Fi Alliance, the organization that manages Wi-Fi technologies, announced the official release of WPA3.

WPA3 is the latest version of Wi-Fi Protected Access (WPA), a user authentication technology for Wi-Fi connections.

News that the Wi-Fi Alliance was working on WPA3 leaked online in January. The organization started working on WPA3 after a security researcher revealed KRACK, a vulnerability in the WPA2 WiFi protocol that made it somewhat trivial for an attacker to gain access to WiFi transmissions protected by WPA2.

WPA3 is currently optional for all newly produced devices, but it will become the de-facto Wi-Fi authentication standard for all Wi-Fi capable devices in the coming years.

 

WPA

 

 

WPA3-Personal and WPA3-Enterprise

Like WPA1 and WPA2 before it, there are two WPA3 “security modes” —WPA3-Personal and WPA3-Enterprise. The main difference between these two security modes is in the authentication stage.

WPA3 uses the Simultaneous Authentication of Equals (SAE) algorithm, which replaces Pre-shared Key (PSK) in WPA2-Personal, while WPA3-Enterprise uses a more complex set of features that replace IEEE 802.1X from WPA2-Enterprise.

The WPA3-Enterprise security mode is recommended for devices used on enterprise, governments, and financial networks.

As for WPA3-Personal, this is the standard that most of us will be interacting with on a regular basis once we replace older devices.

Here are some key features provided by the new protocol:

1.) Protection Against Brute-Force Attacks

WPA3 provides enhanced protection against offline brute-force dictionary attacks, making it harder for hackers to crack your WiFi password—even if you choose less complex passwords—by using commonly used passwords over and over again.

2.) WPA3 Forward Secrecy

WPA3 leverages SAE (Simultaneous Authentication of Equals) handshake to offer forward secrecy, a security feature that prevents attackers from decrypting old captured traffic even if they ever learn the password of a network.

 

WPA3

 

 

WPA3 is resistant to dictionary attacks

The Wi-Fi Alliance says that WPA3’s SAE is resistant to offline dictionary attacks where an attacker tries to guess a Wi-Fi network’s password by trying various passwords in a quick succession.

Security experts who’ve analyzed the standard say WPA3 will block authentication requests after several failed attempts, hence limiting the impact of such brute-force attacks.

Furthermore, WPA3’s SAE also implements a cryptography method known as forward secrecy. This is a feature of key-exchange authentication protocols where session keys are independent on their own and will not be compromised even if the private key of the server is compromised.

 

attacks

 

 

Wi-Fi Easy Connect for WPA2 and WPA3

A separate Wi-Fi feature also announced with WPA3 is a technology called Wi-Fi Easy Connect. This feature is aimed at smart (Internet of Things) devices that don’t have a screen where a user can configure its Wi-Fi network settings.

For example, a user will be able to use his phone or tablet to configure the WiFi WPA3 options of another device that doesn’t have a screen, such as tiny IoT equipment like smart locks, smart light bulbs, and others.

 

Wi-Fi

 

 

Wi-Fi Enhanced Open

Earlier this month, the Wi-Fi Alliance also announced Wi-Fi Enhanced Open, another proprietary technology that is meant to be deployed on “open Wi-Fi networks” such as those in airports, malls, bars, or internet cafes.

The technology works by using an algorithm known as Opportunistic Wireless Encryption (OWE) to encrypt each connection between a WiFi user and the router/access point with its own custom encryption key.

This per-user encryption prevents local attackers from snooping on other users’ traffic, even if the network doesn’t require a password to join.

Following the disclosure of the KRACK vulnerability, the Wi-Fi Alliance has reacted admirably and has released technologies meant to boost everyone’s security. Now, all that remains is that device vendors incorporate them in new products at their earliest convenience.

 

Enhanced

 

 

Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Advance Python Training in Hyderabad

Advance Python Training in Bangalore

Advance Python Training in Bhubaneswar

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacker Certification – C | EH v10

Computer Forensic Training in Kolkata

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Internet Of Things Training

Embedded System Training

Digital Marketing Training

Machine Learning Training

Python Programming training

Android Training in Bangalore

Android Training in Hyderabad

Android Training in Bhubaneswar

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 

Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Network Penetration Testing – NPT

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery

 

Other Location for Online Courses:

Bhubaneswar

Bangalore

Hyderabad

 

 

 


Leave a Reply

Show Buttons
Hide Buttons