After introducing its WPA2 standard more than a decade ago, the Wi-Fi Alliance has now introduced a new WPA3 security standard that aims to simplify Wi-Fi security, allow for more robust authentication and deliver increased cryptographic strength for highly sensitive data markets.
First announced at CES 2018, the new standard overcomes the loopholes in the previous WPA2 standards. The security standard will also support two modes, WPA3-Personal and WPA3-Enterprise.
According to the Wi-Fi Alliance, the Personal mode is more resilient and allows for password-based authentication in the scenario where a user chooses passwords that falls short of typical recommendations. It also utilises the Simultaneous Authentication of Equals (SAE) secure key establishment protocol between devices, which allows for stronger protection against password guessing attempts.
Moving to WPA3-Enterprise, the standard offers the equivalent of 192-bit cryptographic strength adding better protection for networks that deal with sensitive data like government or finance.
The new WPA3 security standard disallows outdated legacy protocols and will require the use of Protected Management Frames (PMF) to maintain resiliency of mission critical networks.
Also introduced are Wi-Fi Certified Easy Connect, which is a new program that decreases the complexity of adding Wi-Fi devices that have basic or no display interfaces. This applies more to the wave of IoT devices and will ensure that high security standards are met despite the easy connectivity offered.
“WPA3 takes the lead in providing the industry’s strongest protections in the ever-changing security landscape,” said Edgar Figueroa, President and CEO, Wi-Fi Alliance. “WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access.”