Remember the KRACK WiFi (WPA2) vulnerability, discovered by Mathy Vanhoef? Dr. Vanhoef was a speaker at BlackHat USA 2017. It turns out that his discovery was a catalyst for action. Recently, the WiFi Alliance, which is the industry’s standards organization, released details about its new WPA3 protocol.
Here’s a quick rundown of the changes you can expect to see in the months ahead:
- Enhancements in encryption capabilities – The new protocol will enable encrypted connections between connected devices and the router/access point, and the cryptographic standard has been improved. According to the WiFi Alliance, it will be “a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, which will further protect Wi-Fi networks with higher security requirements such as government, defense, and industrial.”
- The ability to configure one WiFi enabled device to configure other devices on the network – As an example, you’ll now be able to configure a network-connected smart device that doesn’t have a display screen from your smartphone or PC connected to the same network.
- More protection – In addition to offering more robust encryption, the new standard will also offer enhanced protection against brute force attacks by halting the WiFi authentication process after some number of failed login attempts. This mirrors the functionality found on many web-based authentication systems.
All of these are welcome changes indeed, but despite relatively quick action on the part of the WiFi Alliance, it will still be several months before consumers are able to purchase devices that offer WPA3 support.
Mathy Vanhoef, the researcher who brought the KRACK attack to the world’s attention, had this to say about the recent announcement:
“The standards behind WPA3 already existed for a while, but now, devices are required to support them. Otherwise, they won’t receive the WPA3-Certified label. Linux’s open source Wi-Fi client and access point already support the improved handshake, it just isn’t used in practice. But hopefully, that will change now.”
This is good news indeed, and will help make wireless networks more secure. Kudos to Mathy Vanhoef for his discovery, and for spurring the industry into action.