WPA2 & WPA3: The New, The Changed, The Future

In a double-tap move, the Wi-Fi Alliance has announced enhancements to the WPA2 protocol and more details about its eventual successor, WPA3. Others discussing this announcement have alluded to the WPA/WPA2 vulnerabilities revealed last year at the Black Hat USA Conference and more widely in October 2017. The truth is that WPA2 was introduced 14 years ago. Not only is it “getting long in the tooth,” but with quantum computers on the horizon, there is a real need for a fully tested and implemented quantum-safe cryptography.

Three Enhancements to WPA2

The first enhancement is designed to help validate the reduction of potential vulnerabilities from vendor implementations caused by misconfiguration of networks or devices. This implementation includes ensuring that devices behave as required when they validate network authentication server certificates. The second enhancement involves the widely adopted Protected Management Frames (PMF). As part of the IEEE 802.11w amendment, PMF increases security and network protection from malicious attacks, such as spoofing, by providing data confidentiality and replay protection of management frames. The final enhancement standardizes the cryptographic suite and requires the strongest security modes of operation for WPA2-secured deployed networks. While WPA2’s encryption remains at 128-bit, it is similar to the new 192-bit level cryptographic suite for WPA3 (more on that below).

Introducing Four Key Features of WPA3

More details will emerge as the Wi-Fi Alliance finalizes WPA3 later this year. For now, we know that there are four main features, each designed to simplify device security and bring advanced security to Wi-Fi networks. Broad adoption will take years but the goal is to have many more years of better security. The first new feature of WPA3 is a new handshake that is designed to prevent dictionary attacks on pre-shared key security modes. Don’t worry, the fine people who work at Webster’s do not have to go into WitSec. A dictionary attack is based on trying all the strings in a pre-arranged listing. Software that aids in cracking hashes include colorful examples such as Cain and Abel, John the Ripper, and L0phtCrack. Previous techniques to thwart dictionary attacks have included requiring complex passwords and using a salt. By adopting Simultaneous Authentication of Equals (SAE), WPA3 will protect users with passwords that do not meet typical complexity requirements, making pre-shared key modes secure, while keeping them easy-to-use. The second feature is designed to provide a simple way for public and guest WLANs to be encrypted and secure without the need for a personal VPN. A “new” encryption, Opportunistic Wireless Encryption (OWE), is based on RFC8110. Without a pre-configured password, client devices and access points will be able to create a one-time use Pairwise Master Key (PMK), replacing the most common current use of “Open” wireless security. The third feature is optional and designed to secure IoT devices, most of which have limited or no display interface. The new Device Provisioning Protocol will provide a simple and secure way to add these devices to a Wi-Fi network. The fourth feature is an optional 192-bit security suite. This is a cryptographic strength enhancement. The feature is aligned with the Commercial National Security Algorithm (CNSA) Suite and designed to maintain data integrity on networks requiring the highest security, even in a post-quantum computer era. As the Wi-Fi Alliance has stated, “WPA2 will continue to be deployed in Wi-Fi CERTIFIED devices for the foreseeable future, and all devices supporting WPA3 will continue to work with WPA2 devices. Wi-Fi CERTIFIED for both WPA2 and WPA3 validates recommended security practices as the security landscape changes.”