[ad_1]
By Malcolm Owen
Tuesday, June 26, 2018, 5:30 am Pacific Standard Time (8:30 am ET)
The Wi-Fi Alliance has begun certifying wireless devices for WPA3, a new security protocol replacing aging WPA2, with enhanced authentication and encryption measures to protect retail and corporate networks from access not allowed.
WPA3 makes behind-the-scenes changes that are not immediately visible to users about how devices connect to each other, especially to make it as difficult as possible for an attacker to access the network. Even if users create passwords for a Wi-Fi network considered weak, WPA3 has other elements that increase the difficulty.
There are two WPA3 protection variants, WPA3-Personal and WPA3-Enterprise, which offer slightly different levels of protection.
WPA3-Personal uses Peer-to-Peer Authentication (SAE), a secure key setup protocol that forces devices to communicate with an access point or other device before try to use a network password. This effectively closes a security hole under earlier versions of WPA where an attacker could perform dictionary-based attacks against data packets collected outside the network.
The Enterprise version adds 192-bit encryption to transmit data, making it more difficult for attackers to decrypt data packets in a short period of time.
The start of certification for WPA3 does not mean that it will be immediately available to users, nor will it make their current network equipment obsolete. Although it is slowly rolling out in new products, it is not currently a mandatory technology to use, but this status will change as adoption develops.
WPA2 compatibility is still required for all Wi-Fi certified devices, which means that hardware with integrated WPA3 will continue to work with today's Wi-Fi networks with no problem. While Apple's main product lines will most likely include support in the future, it is doubtful that the same could be said of the AirPort, which Apple has abandoned in April.
"WPA3 takes the lead in providing the industry's strongest protections in the ever-changing security landscape," said Edgar Figueroa, CEO of Wi-Fi Alliance. "WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access."
The WPA3 certification comes eight months after the discovery of a major vulnerability in WPA2, known as KRACK (Key Reinstallation Attack), which affected Apple devices and other hardware. This vulnerability has prompted the Wi-Fi Alliance to adopt new test enhancements to refine WPA2, as well as to reveal the development of WPA3.
In conjunction with Tuesday's announcement, the Wi-Fi Alliance introduced the Wi-Fi Certified Easy Connect program, a program aimed at reducing the complexity of embedded Wi-Fi devices with a limited display interface or nonexistent. Intended for Internet of Things hardware and similar objects, Easy Connect will allow these devices to connect to a network using another device, such as a smartphone, to scan a QR code.
[ad_2]
Source link
