Things you need to know About New WPA3 Wifi Security

September 30, 2018

Most of you might be wondering what is WPA, WPA2 and now WPA3. So, here is a simple and clear explanation on what WPA2, WPA3 and difference between WPA2 and WPA3. You can consider WPA3 to be the biggest wireless security update of the decade. Its not officially released to the vendors yet. its still in testing process and will be released anytime soon. 

What is wpa2?

WPA and WPA2 are two network security technologies which are used for securing wireless connections. Wifi Protected Access 2 is an upgrade of WPA. WPA2 is based on the IEEE 802.11i technology standard for data encryption. If you are using a router in your home or office environment most likely you are using wpa2 security.
When you are using WPA2 Encryption anyone else connected to the same network can sniff your network traffic which is not understandable or to be precise it is encrypted with the best encryption standards. Mostly wpa2 uses TKIP (Temporal key Integrity Protocol). TKIP takes your router password and SSID to generate unique encryption keys for each wireless client and those encryption keys are constantly changed.

What is WPA3?

WPA3 is a new network security technology which is going to be launched soon, most likely its going to take at least a year or so to be released into the market. As of now WPA2 is not so secure, there are many vulnerabilities in WPA2, to mitigate the issues in wpa2, WPA3 has emerged. Now WPA3 is going to be the most secure network standard.

Wi-Fi Alliance introduces Wi-Fi CERTIFIED WPA3, the next generation of Wi-Fi security, bringing new capabilities to enhance Wi-Fi protections in personal and enterprise networks. WPA3 adds new features to simplify Wi-Fi security, enable more robust authentication, and deliver increased cryptographic strength for highly sensitive data markets.

WPA3 Comes in 2 models

WPA3- Personal: WPA3 leverages Simultaneous Authentication of Equals (SAE), a secure key establishment protocol between devices, to provide stronger protections for users against password guessing attempts by third parties

WPA3-Enterprise: offers the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance. The 192-bit security suite ensures a consistent combination of cryptographic tools are deployed across WPA3 networks

Will my device Support WPA3?

Well, that’s the main issue here, mostly not all devices can get a framework update compactable with WPA3, some devices might require some special chips for WPA3 to work. Wi-Fi Alliance which is the developer of WPA3 is still working on making WPA3 available for every device. All the upcoming devices comes with WPA3 support for sure.


Features of WPA3:

1)   Privacy on public networks
2)   Protection against Brute force attacks
3)   Uses 128 to 192-bit encryption
4)   Easy Connect feature

  1)   Privacy on public networks:

Generally, open/public networks you connect to at cafes, airports are not secure, as the data transmission is not encrypted unless you are browsing https websites. Your traffic when connected to open networks can be sniffed by anyone as long as they are in your network range which is not safe at all, so to solve this, WPA3 is released with “Encrypting every connection” or “Individualized Data Encryption”. All the data flow or the traffic in the WPA3 network is very secure as all the connections going through WPA3 network are encrypted.

  2)   Protection against Brute Force Attacks

In WPA, WPA2 a handshake is captured, and a brute force attack can be performed on the handshake using a predefined set of passphrases or using a wordlists, in which each and every password goes through a trail and error method until it finds the correct password. Brute force attack performed on the network need not be done on the router, rather it’s done on the handshake file which we get from the router. So, there is no load or connection between the router and the attacker
In WPA3 brute force is not possible, firstly the router uses 128-bit encryption (for home or personal routers) or 192-bit encryption (for Enterprise) which is very hard to bypass using brute force and the important point is WPA3 defines a new handshake that “will deliver robust protections even when users choose passwords that fall short of typical complexity recommendations”. In other words, even if you’re using a weak password, the WPA3 standard will protect against brute-force attacks.


3)   High End Security

WPA3 uses 192-bit encryption which is the strongest and the 192-bit security mode is offered by WPA3-Enterprise ensures the right combination of cryptographic tools are used and sets a consistent baseline of security within a WPA3 network.  192-bit encryption is only for the enterprise which need not be bothered by the Home/Personal WPA3 users. This is mostly for Defence, Government or industrial use.

  4)  Easy Connect Ability

Almost all the routers from 2006 comes with a WPS button which is used for connecting with devices with no displays. WPS is added as a security feature but it comes with many flaws and vulnerabilities which can be exploited very easily. So, to solve this issue; WPA3 came up with “EASY Connect” Feature which is secure.

Each wifi “Easy Connect” devices come with a pre-setup QR Code in the form of a paper or ladled on the router (which is not decided yet and the choice is left to the manufacturers). But they did not clearly inform on how they are going to connect it with devices with no displays.


When will I have access to WPA3?

Well, no one knows that yet. Wi-Fi Alliance stated that most likely its going to be at the end of 2018 or so. Many companies already started manufacturing chips and phones which supports wpa3. Even if you have a WPA3 supported router and doesn’t have a WPA3 supported client (your mobile, PC, Laptop) it’s gonna be completely secure. You cannot utilize all the services in WPA3 without fully supported client. 




==========     Hacking Don't Need Agreements     ==========
Just Remember One Thing You Don't Need To Seek Anyone's  To Hack Anything Or Anyone As Long As It Is Ethical, This Is The Main Principle Of Hacking Dream
    Thank You for Reading My Post, I Hope It Will Be Useful For You

I Will Be Very Happy To Help You So For Queries or Any Problem Comment Below Or You Can Mail Me At Bhanu@HackingDream.net
By:
Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Security Analyst, Blogger, Web Developer and a Mechanical Engineer. He Enjoys writing articles, Blogging, Debugging Errors and Capture the Flags. Enjoy Learning; There is Nothing Like Absolute Defeat - Try and try until you Succeed.

1 comment:

Shah Faisal said...

Bro I've download and install wifislax 2.0 final but many tools such as fluxion,linset and hr test etc are missing. So what should I do????

February 9, 2019 at 2:29 PM

Post a Comment