11

It seems the Wi-Fi Alliance announced WPA3 for the end of 2018.

  • Does anybody know exactly what is new? Features, security improvements, etc.?
  • Is it because of the KRACK attack? I thought patching WPA2 was enough.
  • Is WPA3 really needed because of its security improvements, or is it just a "not mandatory" upgrade?
  • 7
    There are a number of unfortunate things about WPA/WPA2, such as the ability for a non-authenticated attacker to knock users off the network, or the fact that in a PSK setup, anyone with access to the network can eavesdrop on everyone else on the network. I don't know if WPA3 fixes them.
    – Mark
    Commented Jan 10, 2018 at 8:52
  • 2
    theregister.co.uk/2018/01/09/wi_fi_wpa3 provides some details and then "A spokesperson for the Wi-Fi Alliance told The Register in an email that further information will be made available once the WPA3 program launches." Commented Jan 10, 2018 at 9:25
  • 2
    I didn't look at WPA3 yet, but an improvement is sorely needed, considering how much WPA2 Personal sucks. Commented Jan 10, 2018 at 12:59
  • @Mark Both unfortunate and plain old silly. The fact that the ESSID is used as the salt has always made me want to cry.
    – forest
    Commented Mar 2, 2018 at 10:22
  • @Mark, WPA3 does not address the ability to deauth/disassoc clients from a wireless network. However 802.11w does do so and is already required by the WFA to get their ac or Passpoint certifications. Please see my answer here if you want more specific details.
    – YLearn
    Commented May 10, 2018 at 22:14

2 Answers

14

According to The Hacker News, here are the major improvements:

  • WPA3 protocol strengthens user privacy in open networks through individualised data encryption.
  • WPA3 protocol will also protect against brute-force dictionary attacks, preventing hackers from making multiple login attempts by using commonly used passwords.
  • WPA3 protocol also offers simplified security for devices that often have no display for configuring security settings, i.e. IoT devices.
  • Finally, there will be a 192-bit security suite for protecting WiFi users' networks with higher security requirements, such as government, defence and industrial organisations.

Thus I think it has some security improvements over WPA2.

  • This is pretty much the press release in a nutshell. If anyone is a member and has more information, please add what you know.
    – Tom K.
    Commented Jan 10, 2018 at 9:01
  • Nice answer! I'm curious what "individualised data encryption" might mean... I guess we will have to wait and see.
    – Anders
    Commented Jan 10, 2018 at 10:12
  • 7
    @Anders "individualized data encryption" simply means that hotspots or open access points will issue unique keys to each unauthenticated client, instead of using no encryption for unauthenticated clients. This will prevent the guy in the cafe next to you from using Wireshark to view your traffic. Commented Jan 10, 2018 at 14:07
  • 1
    "WPA3 protocol will also protect against brute-force dictionary attacks, preventing hackers from making multiple login attempts by using commonly used passwords". This seems odd, are they saying it will protect against a handshake capture and offline cracking? If not, this doesn't really help. Commented Jan 10, 2018 at 21:49
  • 1
    @AXANO WPA2 Enterprise can provide some of these improvements (e.g. by using EAP-TLS), but it requires a complex setup with a bloated RADIUS server.
    – forest
    Commented Mar 2, 2018 at 10:25
7

Does anybody know exactly what is new? Features, security improvements, etc.?

From what I have been able to gather so far, it appears to be a couple of required new features and a couple of optional features.

  • Opportunistic Wireless Encryption (OWE) - required. Based on RFC 8110, this is meant to ultimately displace open wireless networks. This adds a simple encryption to clients without the need to configure a PSK. However, the lack of a PSK appears to leave this vulnerable to MitM attacks. Better than transmitting in the clear, but not by much.
  • Simultaneous Authentication of Equals (SAE) - required. A modification to the handshake to help prevent dictionary style attacks on PSKs.
  • AES 192-bit encryption - optional. A boost from the cryptographic strength used on wireless today (128-bit encryption).
  • Device Provisioning Protocol (DPP) - optional. A way to add devices to a secure network easily. Looks to be a replacement of the WPS, which has been broken for a while.

So far, nothing dramatically changing the face of wireless security, rather more enhancements than a new protocol. However, it is a new certification from the WFA that devices will have to meet if they want to use WPA3 in their documentation/marketing.

Is it because of the KRACK attack? I thought patching WPA2 was enough.

Directly, no. Indirectly, I would say yes. Consider that WPA2 (802.11i) is nearly a decade and a half old. While (patched) it remains secure today, this is a long time for a security protocol, and KRACK caused many people to once again reconsider the role of wireless security.

The WiFi Alliance is simply strengthening the security that currently exists.

I will take a moment to note that unlike previous versions of WPA, WPA3 is not based on an IEEE amendment to 802.11 (WPA based on draft 802.11i, WPA2 based on 802.11i). I don't doubt that there is discussion of a new IEEE working group to look into updating wireless security, but I am not aware of any formed at the moment.

Is WPA3 really needed because of its security improvements, or is it just a "not mandatory" upgrade?

Not mandatory. However, WPA3 does help to strengthen wireless security.

Keep in mind that WPA3 doesn't really seem to be a replacement of WPA2, rather just additional features that the WFA will require to get their certifications.
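To make the MitM caveat in the OWE bullet above concrete (it is the active attack RFC 8110 section 7 describes, quoted in the comments), here is an added simulation that is not part of the answer and not code from any WPA3 or OWE implementation. A toy finite-field Diffie-Hellman stands in for OWE's ECDH; the group parameters and every key value are constructed for the example.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group, constructed for illustration only. Real OWE
# (RFC 8110) uses ECDH on NIST P-256/P-384; the protocol shape is the same.
P = 2**127 - 1   # a Mersenne prime, adequate for a simulation
G = 5

def keypair():
    """Ephemeral DH key pair: (private exponent, public value)."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def shared_key(priv, peer_pub):
    """Derive a 32-byte session key from the DH shared secret."""
    secret = pow(peer_pub, priv, P)           # < P, so it fits in 16 bytes
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def owe_association(attacker_active=False):
    """Simulate one OWE-style unauthenticated exchange.

    Returns (client_key, ap_key, attacker_has_client_key).
    A passive eavesdropper sees only the two public values and cannot derive
    the key.  An active adversary that impersonates the AP to the client and
    the client to the AP holds a separate key with each end and can read,
    modify and forge traffic in between, without either end noticing.
    """
    c_priv, c_pub = keypair()                 # client
    a_priv, a_pub = keypair()                 # legitimate access point
    if not attacker_active:
        return shared_key(c_priv, a_pub), shared_key(a_priv, c_pub), False
    m_priv, m_pub = keypair()                 # adversary's own ephemeral pair
    client_key = shared_key(c_priv, m_pub)    # client believes m_pub is the AP
    ap_key = shared_key(a_priv, m_pub)        # AP believes m_pub is the client
    mitm_client_side = shared_key(m_priv, c_pub)
    return client_key, ap_key, mitm_client_side == client_key

def keys_agree(client_key, ap_key):
    """The comparison an out-of-band check (a fingerprint on a QR code, which
    the comments note OWE does not provide) would rely on: under a MitM the
    two ends hold different keys, so such a check would fail and expose it."""
    return client_key == ap_key
```

Nothing in the exchange itself authenticates the AP, which is why the encryption only raises the bar against passive capture.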

  • 3
    @forest, from RFC8110 section 7, "Security Considerations": OWE is susceptible to an active attack in which an adversary impersonates an access point and induces a client to connect to it via OWE while it makes a connection to the legitimate access point. In this particular attack, the adversary is able to inspect, modify, and forge any data between the client and legitimate access point. Therefore it is vulnerable to MitM.
    – YLearn
    Commented May 10, 2018 at 22:02
  • 1
    Actually, on further consideration, this may make clients MORE vulnerable to MitM for at least the short term (until most open networks are OWE capable). WPA3 clients will likely prefer OWE networks over legacy open networks, so an attacker will simply need to impersonate an open network with an OWE network to get WPA3 capable clients to connect to it over the actual network.
    – YLearn
    Commented May 10, 2018 at 22:55
  • 1
    You're right, I read through the RFC and saw nothing about even optional fingerprint-based authentication. That is really sad because businesses could provide a QR code to scan which gives the fingerprint, but the protocol doesn't even support that. That also means that "access point pinning" might not be possible. I don't think OWE would be more vulnerable though, because an active attacker can equally violate confidentiality, integrity, and availability completely for both OWE and legacy open networks. There is no need for them to use OWE to become a "preferred" network.
    – forest
    Commented May 11, 2018 at 1:16
  • 1
    @forest, my thought regarding OWE being less secure is that given two networks with the same name, clients will likely be programmed to prefer an OWE network rather than a legacy open network (since it is "more secure"). An attacker setting up a rogue network with OWE in the area of a legacy open network will not have to do anything "extra" to get clients to connect to their MitM placement. Clients may even prefer to automatically roam to the OWE network, negating the need to send disassoc/deauth frames to get clients to reconnect (or in the presence of 802.11w where they cannot do so).
    – YLearn
    Commented May 11, 2018 at 4:17
  • 1
    @forest, I had forgotten about 802.11z/TDLS as I personally have seldom seen it used. Thanks for the reminder, I will have to go do some research to refresh my memory when I get a chance. While TDLS is a means of two devices negotiating a direct connection over a common network, IIRC this is entirely done by the end client devices themselves with no interaction from the AP. When they establish the connection, they in essence tell the AP they are going to sleep and use that time to communicate directly while "waking" up to listen to the AP every DTIM period.
    – YLearn
    Commented Jun 1, 2018 at 5:28
