WPA3 Wi-Fi security standard, the successor of WPA2 is now official
Who doesn't like using a free Wi-Fi? Be it traveling in your car, visiting a nearby restaurant, you can easily connect to high-speed public Wi-Fi but connecting to public Wi-Fi is not always safe and secure.
"Man-in-the-Middle Attack" is the most common ways in which hackers get access to your personal info when you are connected to public Wi-Fi. They act as the middleman and compromise with the information that is sent over the network.
For example, if you are using insecure Wi-Fi to pay for an online transaction, the attackers can redirect you to a deceptive site and also get your sensitive information like passwords, card info, account details.
The point is, not all Wi-Fi are insecure. Most of the public Wi-Fi use old and outdated security methods which provide no encryption of your data.
In the year 2003, Wi-Fi Alliance introduced "WPA" (Wi-Fi Protected Access) security to provide a secure connectivity over Wi-Fi.
WPA is based on TKIP (Temporal Key Integrity Protocol) which uses Pre-share Key (PSK). It requires generating a single key and sharing with the network users.
To provide more security and better encryption of data using "AES" (Advanced Encryption Standard) WPA2 replaced WPA. WPA2 uses "AES" which requires the same key for encryption and decryption, i.e both the owner as well as the users of the network need to have the same key. Both these securities provided support for Personal and Enterprise networks.
Today, with more and more critical and sensitive data send over Wi-Fi and increased usage of the wireless medium, providing secure connections is the main concern of security providers.
Wi-Fi Alliance has now announced the net level of security protocol with "WPA3" security.
Wi-Fi Alliance announced, "Building on the widespread adoption of WPA2™ over more than a decade, WPA3 adds new features to simplify Wi-Fi security, enable more robust authentication, and deliver increased cryptographic strength for highly sensitive data markets. As the Wi-Fi industry transitions to WPA3 security, WPA2 devices will continue to interoperate and provide recognized security."
WPA3 includes advanced data security standards, stronger data encryption and uses Protected Management Frames (PMF).
WPA3 too supports two modes of operation, WPA3-Personal and WPA3-Enterprise.
Wi-Fi Alliance also explained the key features of these modes,
"WPA3-Personal: more resilient, password-based authentication even when users choose passwords that fall short of typical complexity recommendations. WPA3 leverages Simultaneous Authentication of Equals (SAE), a secure key establishment protocol between devices, to provide stronger protections for users against password guessing attempts by third parties."
"WPA3-Enterprise: offers the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance. The 192-bit security suite ensures a consistent combination of cryptographic tools are deployed across WPA3 networks."
Greg Dorai, Vice President Cisco WLAN, Cisco said, "Cisco is in full support of Wi-Fi Alliance's continual focus on security evolution to WPA3. The WPA3 program will bring much-needed upgrades to wireless security protecting all levels of customers from consumer to enterprise/government. Cisco is committed to integrating WPA3 features into our Aironet Access Points and Wireless Controllers via a firmware upgrade so that our existing and new customers can take advantage of the capabilities offered by WPA3."
Source: WiFi Alliance