The Wi-Fi Alliance has announced WPA3, A new standard of Wi-Fi security features for users and service providers. The Wi-Fi alliance, a standards body with Broadcom, Intel, Microsoft, Qualcomm, and several other tech titans serving as members, announced its next-generation wireless security protocol Wi-Fi protected access 3 (WPA3). The new WPA3 Wi-Fi security protocol will arrive in early 2018.
WPA3 will replace the existing WPA2 the network security protocol that has been around for at least 15 years and widely used by billions of wireless devices every day, including smartphones, laptops and Internet of things.
The boosts to the specification’s quality assurance will reduce the potential for vulnerabilities due to network misconfiguration and further safeguard managed networks with centralized authentication services according to the group.
The Alliance claims that the new standard is secured, and more so for crowded public Wi-Fi hotspots where users become easy targets for hackers.
The new standard uses 192-bit encryption and individualized encryption for each user. The Wi-Fi Alliance also claims that WPA3 will mitigate security issues posed by weak passwords and simplify the process of setting up devices with no display interface.
WPA has been designed specifically to work with wireless hardware produced prior to the introduction of WPA protocol, which provides inadequate security through WEP. Some of these devices support WPA only after applying firmware upgrades, which are not available for some legacy devices.
WPA3 replaces cryptographic protocols susceptible to off-line analysis with protocols that require interaction with the infrastructure for each guessed password, so that the infrastructure may place temporal limits on the number of guesses.
WPA3 introduces a new alternative for configuration of devices that lack sufficient user interface capabilities by allowing nearby devices to serve as an adequate UI for network provisioning purposes, thus mitigating the need for WPS.
In October 2017, details of the KRACK attack on WPA2 were published. The KRACK (Key Reinstallation Attack) attack is believed to affect all variants of WPA and WPA2, though the security implications vary between implementations depending on how a Vaguery in the standard was interpreted by the developers of each.