The Wi-Fi Alliance recently introduced their most significant security update since 2004. Providing several critical updates to the 14-year-old WPA2 protocol, the Wi-Fi Protected Access 3 (WPA3) security certificate protocol addresses the flaws of its predecessor.

The Wi-Fi Alliance also revealed two other certification protocols to bolster WPA3. Independent of WPA3, the Enhanced Open and Easy Connect protocols increase security for particular kinds of networks and specific situations.

WPA3 and the other 2 new protocols can now be installed by manufacturers into their products. As WPA2 was universally adopted, the same acceptance is anticipated for these new protocols. However, the Wi-Fi Alliance has not set a deadline for this to occur. As market penetration grows, it is expected that there will eventually be a time when WPA3, Enhanced Open, and Easy Connect will be the standard for devices. The following discusses the four new technological features that these protocols will bring to wireless security.

Simultaneous Authentication of Equals (SAE)

SAE will be the greatest change WPA3 delivers. The most crucial moment for network security is when a user or new device attempts to connect. This is the reason both WPA2 and WPA3 especially emphasize the authentication of new connections, confirming connection attempts are not being performed by attackers before allowing access.

Simultaneous Authentication of Equals is a new way of authenticating devices attempting to connect to a network. Utilizing a dragonfly handshake variant featuring cryptography for preventing eavesdropping to obtain a password, SAE precisely sets forth how a new user or device should interface with a network router during their exchange of cryptographic keys.

SAE replaces the Pre-Shared Key (PSK), which was introduced with WPA2 in 2004. PSK is called a “four-way handshake” due to the number of handshakes exchanged by a router and a connecting device during their mutual verification of the password without revealing it to one another. PSK was deemed secure until the discovery of Key Reinstallation Attacks (KRACK) in 2016.

Part 2 will discuss KRACK, Forward Secrecy, and 192-Bit Security Protocols.

Alpha Engineering Business Support

Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990. For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at (410) 295-9500.