The Wi-Fi Alliance has officially launched Wi-Fi Protected Access 3 (WPA3) security standard, following the pre-launch announcement back in January this year.
Announced in January ahead of the finalisation of the standard, WPA3 is designed to both patch up holes in its predecessor WPA2 and add entirely new functionality. This includes, but is not limited to, per-client encryption capabilities, improved security when users pick too-simple passphrases, a 192-bit security cipher suite compliant with the US Committee on National Security Systems' Commercial National Security Algorithm (CNSA) requirements, and simplified configuration for headless devices running without a display.
'WPA3 takes the lead in providing the industry’s strongest protections in the ever-changing security landscape,' claims Edgar Figueroa, president and chief executive of the Wi-Fi Alliance. 'WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access.'
The final WPA3 standard is split in two: WPA3-Personal, which includes the weak-password protection and Simultaneous Authentication of Equals (SAE) protection against password-guessing attacks; and WPA3-Enterprise, which includes the new 192-bit cipher suite. Both include protections against the Key Reinstallation Attack (KRACK), along with the retirement of legacy protocols and the requirement for Protected Management Frames (PMF) to be used.
The new standard is backwards-compatible with WPA2 devices, the Wi-Fi Alliance has confirmed, through a 'transitional mode of operation,' though they will not receive the full feature set. The organisation has also confirmed it will make WPA3 mandatory in order to receive Wi-Fi certification once 'market adoption of WPA3 grows'
More information on WPA3 is available on the Wi-Fi Alliance website.
November 18 2019 | 09:00