The WPA 3 (Wireless Protective Access 3)
Wi-Fi has become a part of everyone’s’ lives starting from home, work, cafes, and even in public transports. With the increasing amount of usage, Wi-Fi have become more advanced in speed, functionality, range, and many more. Although the Wi-Fi has come a long way, there is an area where it failed to keep up with all the advancements, and that is security.
In October 2017, 2 Belgian researchers Mathy Vanhoef and Frank Piessens announced that they found a vulnerability in the WPA2 protocol that affected practically all the Wi-Fis and even major platforms such as Microsoft, Apple, Android, and even Linux, meaning if you have Wi-Fi then you are most likely affected. They named it KRACK (Key Reinstallation Attack), the attack takes part at the 4-way-handshake when connecting to a secured WPA2 network. At the 3rd part of the 4-way-handshake they perform whats known as a replay attack/playback attack, just before the last acknowledgement handshake. Ultimately leading for the attacker to replay, decrypt, and even forge the incoming/outgoing packets. The reason I brought the KRACK up in this article is because this is when a lot of people started to realise how out-dated our Wi-Fi security actually is. Currently the majority of Wi-Fi routers use WPA2 which was released in 2004, that is more than a decade ago.
Not long after the KRACK was announced, the Wi-Fi alliance has made an announcement on the first day of CES that they will be rolling out the WPA3 protocol sometime in 2018. Unfortunately they did not give out too much details but they did give us a sneak peek into a couple of new features.
1.Better security for IoT (Internet of Things)
With an increasing number of IoT devices, managing security has become more difficult as a lot of IoT devices do not come with a graphical interface therefore the users do not have much options to configure the security settings. The Wi-Fi alliance said “simplify the process of configuring security for devices that have limited or no display interface.”, but has not yet revealed how they are going to be implementing such idea. Which I personally believe is such security that a lot of people have been urgently needing.
2.Secure public Wi-Fi
As you probably know, public Wi-Fis are 110% less secure than private Wi-Fis for many reasons. Using public Wi-Fis can put you, your devices, your private information, and others at major risk as it is not too difficult to perform MITM or other deadly LAN based attacks. Anyone who puts a good 10 minutes into researching on how to do so can as easily perform these attacks and sniff or even manipulate the network traffic. Recently a new type of attack surfaced, with the rising popularity of cryptocurrency, named CoffeeMiner. Long story short, it mostly targets public Wi-Fis and injects a javascript to the HTML you requested and mines XMR (Monero) using the devices that are connected to the same Wi-Fi. However the WPA3 provides individualized data encryption meaning even if a hacker manages to get in between a device and a router, the data that the hacker sniffs will all be encrypted making it harder for hackers to read.
3.No Bruteforce
With the WPA2 and everything before gives you unlimited tries while trying to access a Wi-Fi network. This can lead to bruteforcing/dictionary attacks to penetrate the security and lead to the hacker getting his hands on the Wi-Fi password. With the WPA3 after a set number of fails, the user will be blocked out and the administrator will be notified.
4.Stronger Encryption
WPA2 protocol uses 64bit or 128bit encryption keys. WPA3 promises to use 192bit encryption and alignment with the Commercial National Security Algorithm (CNSA) Suite, such security that is currently being used with governments and major corporations, making it harder for hackers to decrypt the packets.
source: https://blog.malwarebytes.com/security-world/2018/01/wpa3-will-secure-wi-fi-connections-in-four-significant-ways-in-2018/ https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-introduces-security-enhancements
Woowy Land 