In October 2017 security researchers published the details of a major weakness in the WPA2 WiFi protocol, called the Key Reinstallation AttaCK or KRACK. This allowed attackers to track traffic between devices and the router or access point. The security researchers noted that the “attack works against all modern protected WiFi networks”. As a result, many manufacturers released a patch that fixed this error. But still the WPA2 image and reputation was damaged and that is one of the reasons why the WiFi Alliance released the new WPA3 encryption.
Before looking at WPA3, it’s worth going back in time and examining the development of WiFi encryption. One of the first encryptions was WEP (Wired Equivalent Privacy). WEP could easily be broken by capturing packages intercepted in the air.
After this security flaw, the WPA protocol (Wi-Fi Protected Access) was created. Later WPA2 emerged with improvements in the encryption, and implementations such as the AES (Advanced Encryption Standard) that has the 48 bits of inherited encryption from the WPA plus the 128 bits of the new protocol. These improvements made it very safe. However, with the recently known errors, it is possible to violate it.
Here is a detail of the attacks that can be made to each of the encryptions:
This new encryption will have four new features, and will offer more robust protection to end users and companies. These four key characteristics are:
In WPA2 networks, a handshake system was used when a device was connected to a wireless access point. This handshake can be stolen and subjected to a brute force attack, until the key is obtained. WPA3 offers a much more robust handshake that cannot be subject to brute force attacks.
The routers with this new encryption are already being marketed, but this does not mean that our home devices will have this encryption by magic; manufacturers are working on software updates so that we can implement them in our devices.
Most routers have a tab to upload new firmware and update them. In this case the manufacturers will be removing these security patches so that we can update our routers without needing to buy a new one.
October 10 / 2019
October 03 / 2019
November 19 / 2014
In light of some of the major changes occurring at the moment within Microsoft, the forthcoming release of Visual Studio 2015, along with .NET 2015, promises to be particularly...Read post