WPA3, the New Standard which will Consolidate the Security of Your Wi-Fi
The Wi-Fi Alliance consortium has just lifted the veil on WPA3, its new protocol of encryption. It's a major improvement for the Wi-Fi networks.
Source
This is what is called an express normalization. In October 2017, the security researcher Mathy Vanhoef had revealed the Krack attack, reversing the safety of all the Wi-Fi terminals protected by the WPA2 protocol of encryption.
Less than year later, the Wi-Fi standardization Alliance proposes us a successor: WPA3 which have just been finalized. He embarks a whole set of new features supposed to be totally inviolable.
First of all, WPA3 gets rid of the negotiation former protocol - also called "4-way hand shake" - which is the weak link of the WPA2. It's there that are the vulnerabilities of the Krack attack. It's also thanks to him that the pirates can realize attacks by brute force or by dictionary on the passwords of a Wi-Fi network.
Based on a protocol called "Simultaneous Authentication of Equals", the phase of WPA3 negotiation will be now immunized against these problems. Even if the password chosen by the user is low, the pirates cannot try anymore their attacks by brute force or by dictionary.
This technology also brings a persistent confidentiality (forward secrecy). Even if a pirate can find the password of the Wi-Fi network by another way, he could not decrypt past communications.
A better protection in the public places
The other big news concerns the public Wi-Fi networks. Until now, they were either totally opened, or accessible through a password known for all. In both cases, it's not very complicated for a pirate to locally decrypt the flows of the users (that is why I advised you to use a VPN).
WPA3 puts an end to this vulnerability with the "Enhanced Open" mode of connection. This one leans on the "Opportunistic Wireless Encryption"protocol to establish in an ad hoc way a calculated connection between the user and the access point. The safety is brought by the Diffie-Hellman algorithm, which is used to define the encryption key.
Finally, WPA3 simplifies the connection of the connected objects which do not necessarily have a screen to be able to parametrize them easily. With the "Easy Connect" feature, it will be enough to scan a QR code on the device to be connected. The Wi-Fi router will then take care to send him automatically identifiers in a complete security.
Obviously, it will still be necessary to wait a little to benefit from all these news, the time that they are implemented by the various manufacturers. The first compatible products should arrive by the end of 2018. To get the benefit of it, it will be necessary that routers and devices which will be connected are WPA3 certified.
In theory existing devices could receive an update allowing them to manage the WPA3, but the procedure will be doubtless complex and binding for the manufacturers. It is thus not very probable that we see already many brought out devices benefiting from it.
This is my guide to secure your PC after a fresh installation of Windows
And if you think that you phone or your PC has been hacked, you know where to click ;-)
Have you seen the MacOS features that can expose your encrypted data?
I've made a lot of good articles with tools and advises to teach you how to protect your privacy and to make you aware of the hacker's weapons, go check them out!
WiFi finally getting its much needed update! Haha..
lucky people of Finland.
Well seen ;-)