Wi-Fi Gets More Secure: Everything You Need to Know About WPA3 – IEEE Spectrum

The biggest Wi-Fi security update in 14 years was recently unveiled by the Wi-Fi Alliance. The Wi-Fi Protected Access 3 (WPA3) security certificate protocol provides some much-needed updates to the WPA2 protocol introduced in 2004.
The Wi-Fi Alliance also announced two additional, separate from WPA3 certification, protocols: The Enhanced Open and Easy Connect


  1. Tomi Engdahl says:

    Computer Security Researchers: WPA3 Could Have Been Better, Stronger

    Wi-Fi Protected Access 2, or WPA2, had a good run. But after 14 years as the go-to wireless security protocol, cracks inevitably start to show. That’s why, over the summer, the Wi-Fi Alliance announced the protocol’s successor, WPA3, after teasing its capabilities in press releases since the beginning of the year.

    The big change from WPA2 to WPA3 is in the way devices greet a router or other access point to which they are trying to connect. WPA3 introduces a greeting, or handshake, called a Simultaneous Authentication of Equals (SAE).

    So SAE solves some big vulnerabilities of WPA2—an important step, but maybe not enough. According to Vanhoef, the scuttlebutt in the security community is that the dragonfly handshake will prevent debilitating attacks like KRACK, but questions remain regarding whether it is good enough beyond that.

    Vanhoef says mathematical analyses of dragonfly handshakes suggest that they should be secure. “On the other hand, there were some comments and critiques [suggesting] that there were other options,” he says.

    When the Wi-Fi Alliance first announced WPA3 in a press release last January, they announced a “suite of features” to improve security. The release hinted at four features in particular. One, SAE, became the core of WPA3. Another, a 192-bit encryption scheme, is optional for large corporations or financial institutions making the switch to WPA3. The other two features never made it to WPA3.

    The features that didn’t make the cut exist as entirely separate certification programs. The first, Easy Connect, makes it simpler for users to connect their IoT devices to their home networks. The other, Enhanced Open, provides more protection for open networks, like the ones at airports and coffee shops.

    “The Wi-Fi Alliance, I think, purposefully kept their press release at the beginning of the year vague,”

  2. Tomi Engdahl says:

    Next-Gen Wi-Fi Security – WPA3 Explained

    WPA3 looks like it will greatly enhance the security of your Wi-Fi connections – but how does it work?

  3. Tomi Engdahl says:

    New APIs Suggest WPA3 Wi-Fi Security Support Coming Soon to Windows 10

    Windows 10 users don’t have to wait much longer for the support of latest WPA3 Wi-Fi security standard, a new blog post from Microsoft apparently revealed.

    The third version of Wi-Fi Protected Access, in-short WPA3, is the next generation of the wireless security protocol that has been designed to make it harder for attackers to hack WiFi password.

    WPA3 was officially launched earlier this year, but the new WiFi security standard won’t arrive overnight. Most device manufacturers could take months to get their new routers and networking devices certified by the Wi-Fi Alliance to support WPA3.

    WPA3-Personal (SAE) Support in Windows 10

    Though Microsoft hasn’t yet officially announced WPA3 support for its Windows 10 operating system, new APIs introduced in the newly released Windows 10 SDK Preview build 18272, as marked in the screenshot below, indicates that Windows users would soon be getting support for the new protocol.

    Besides this, Tim Cappalli, an engineer at Aruba Security, in a tweet claimed that he also spotted WPA3-Personal (SAE) available in the Windows 10 Insider build 18252.100 while manually configuring a wireless network.

    Another Windows user confirmed the WPA3-Personal availability in the latest Insider build version but also mentioned that it’s not currently working as intended.


Leave a Comment

Your email address will not be published. Required fields are marked *