COMING SOON: Improved WiFi Security
“The third time’s the charm,” they say. We’re about to find out if that adage holds water in the case of WiFi Protected Access, the security protocol and certification system developed by the WiFi Alliance of industry heavyweights. The WPA3 protocol is finally ready and will start appearing in products like routers and network adapters before the end of 2018. Read on to see what the problems were with earlier versions, and what to expect in WPA3... |
WPA3 Is Finally Here
WPA (Wi-Fi Protected Access) was conceived in 2003 in response to serious security holes in its predecessor, WEP (Wired Equivalent Privacy). WPA was intended to be a short-term replacement for WEP while its more secure and complex version, WPA2, was being hashed out. That did not take long; WPA2 debuted in 2004. Beginning in March, 2006, testing and certification for compliance with WPA2 became mandatory for any product that wanted to display the “Wi-Fi” name. So why has it taken 14 years to develop WPA3?
The answer is that that the Wi-Fi Alliance is not terribly good at creating standards for secure wireless networks. WEP was supposed to provide the same high level of security that one gets with a hardwired connection between two devices; hence the name, “Wired Equivalent Privacy.” But WEP quickly proved to be more full of holes than a barrel of Swiss cheese, so WPA was hurriedly rushed out to replace it. WPA2, we were assured, would be the permanent security solution for 802.11 wireless networks.
But WPA2 (the WiFi security protocol still in use) proved to be full of vulnerabilities, too. Chief among them were weak passwords and an encryption scheme that left individuals on a WiFi network open to spying by others on the same network – the sort you would find in a cafe’ or other public setting. WPA3 addresses both of these vulnerabilities.
First, encryption is “individualized;” that is, each user on a WPA3 WiFi network gets a unique encryption key (or “WiFi password,” as most users call it), so the guy at the next cafe’ table cannot spy on your traffic.
Second, an authentication scheme called Simultaneous Authentication of Equals (SAE) will make it much harder to crack a WiFi password by brute force or making educated guesses. SAE will block access after several failed attempts, eliminating the "dictionary attack" approach.
WPA3 also simplifies the setup of smart home devices that lack a comfortable display, much as WiFi Protected Setup did for peripheral devices such as printers. The Wi-Fi Alliance calls this feature Wi-Fi Certified Easy Connect, and instead of a tiny greyscale LCD display it uses – you guessed it – your smartphone. This will be downright essential when setting up smart thermostats, light bulbs and other small IoT thingies that may not even have a screen.
Are Older Devices Upgradable to WPA3?
A degree of backward-compatibility with WPA2 and WPA is built into WPA3, but if your existing device does not have WPA3 you won’t reap these benefits. It remains to be seen whether older devices will receive firmware updates to WPA3; some manufacturers will provide such updates while others would rather force you to buy a new device. But eventually, all new Wi-Fi compatible devices will have to comply with WPA3.
The mathematics and software engineering involved in cryptology are incredibly complex. But it's essential to get it right, in order to have secure WiFi connections and access to websites. It sounds like WPA3 is something to look forward to – at least, until the first vulnerability is found in it.
Your thoughts on this topic are welcome. Post your comment or question below...
|
|
|
This article was posted by Bob Rankin on 2 Jul 2018
| For Fun: Buy Bob a Snickers. |
 |
Prev Article: Do Electronic Health Records REDUCE Patient Care? |
The Top Twenty |
Next Article: Geekly Update - 03 July 2018 |
 |
Post your Comments, Questions or Suggestions
|
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- COMING SOON: Improved WiFi Security (Posted: 2 Jul 2018)
Source: https://askbobrankin.com/coming_soon_improved_wifi_security_.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "COMING SOON: Improved WiFi Security "
Posted by:
PgmrDude
02 Jul 2018
The router will have an Awful LOT to do, to process each user's data with a unique encryption key (or “WiFi password,”), especially in a public location. That's quite a overhead burden to put on a device.
Posted by:
Jack
03 Jul 2018
I hope the device manufacturers design the devices to be easily upgradeable when vulnerabilities are found.
And I hope the devices have plenty of processing power to handle the heavier security load.
Posted by:
Samatha
03 Jul 2018
Arhh - just bought a new modem/router as mine (free) with NBN package with Telstra Australia obsolete - and open to hacking - whereas usual new customers got brand new up to date modem Grrhh. And they automatically contracted me for 24 months when previous one I was on had expired and I left it - didnt notify me at all. Not good enough on top of treating old clients worse than new. They all do it today - I think it is a very shortsighted approach.
anyway bought a Tlink Archer 1600 on its way - so hope its got this new WPA3 or can update as it does update itself which free one didnt.
Posted by:
Lee Dalzell
04 Jul 2018
They are determined that I MUST have a smart phone. I do not want a smart phone. Too expensive and I do not need the internet on my phone. But THEY are determined ....