Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wi-Fi Alliance Launches WPA3 Security Standard (securityweek.com)

Posted by msmash on from the it's-here dept.

wiredmikey writes: The Wi-Fi Alliance, the organization responsible for maintaining Wi-Fi technology, announced the launch of the WPA3 security standard. The latest version of the Wi-Fi Protected Access (WPA) protocol brings significant improvements in terms of authentication and data protection.

WPA3 has two modes of operation: Personal and Enterprise. WPA3-Personal's key features include enhanced protection against offline dictionary attacks and password guessing attempts. WPA3-Enterprise provides 192-bit encryption for extra security, improved network resiliency, and greater consistency when it comes to the deployment of cryptographic tools.

2 of 97 comments (clear)

  1. Some info by Artem+S.+Tashkinov · · Score: 5, Informative

    Too bad, my submission has been rejected even though it had a lot more information which I'll post anyways:

    New security features include:

    • WPA3 uses the Simultaneous Authentication of Equals (SAE) algorithm, which replaces Pre-shared Key (PSK) in WPA2-Personal, while WPA3-Enterprise uses a more complex set of features that replace IEEE 802.1X from WPA2-Enterprise. These are: authenticated encryption, key derivation and confirmation, key establishment and authentication, robust management frame protection.
    • WPA3 is resistant to dictionary attacks. The Wi-Fi Alliance says that WPA3's SAE is resistant to offline dictionary attacks where an attacker tries to guess a Wi-Fi network's password by trying various passwords in a quick succession.
    • Wi-Fi Easy Connect for WPA2 and WPA3: This feature is aimed at smart (Internet of Things) devices that don't have a screen where a user can configure its Wi-Fi network settings. For example, a user will be able to use his phone or tablet to configure the WiFi WPA3 options of another device that doesn't have a screen, such as tiny IoT equipment like smart locks, smart light bulbs, and others.
    • Wi-Fi Enhanced Open: a proprietary technology, which uses an algorithm known as Opportunistic Wireless Encryption (OWE) to encrypt each connection between a WiFi user and the router/access point with its own custom encryption key. This per-user encryption prevents local attackers from snooping on other users' traffic, even if the network doesn't require a password to join.

    Source

  2. Re:Why are there two? by SuiteSisterMary · · Score: 3, Informative

    The very reductive, overly-simplified short form is 'personal asks you for THE wi-fi password. Enterprise asks you for YOUR wi-fi password.'

    --
    Vintage computer games and RPG books available. Email me if you're interested.