Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

WPA3 Promises Better Wi-Fi Security with Less Effort

The Wi-Fi Alliance, which certifies Wi-Fi products, has announced WPA3, a major upgrade to Wi-Fi security that will appear in 2018 and take care of known flaws while simultaneously requiring less effort on your part. Among other things, it will eliminate the nasty KRACK vulnerability and secure open Wi-Fi networks. (See “Wi-Fi Security Flaw Not As Bad As It’s KRACKed Up To Be,” 17 October 2017.)

The Wi-Fi Alliance is a trade group that dates back nearly 20 years. It has long been responsible for keeping all the cats in the local wireless networking bag, preventing forks and proprietary standards that have plagued other technologies. Almost 15 years ago, the Wi-Fi Alliance worked to recover from the terrible flaws in its original network encryption standard, WEP, by getting the whole industry to switch to the far more secure WPA2.

WPA2 encrypts traffic passed over the Wi-Fi wireless local area network to prevent anyone without the network passphrase or an enterprise login from being able to decipher the flow of data. On an enterprise network, even devices on the same Wi-Fi network can’t see each other’s data. It’s supposed to work that way on passphrase-only Wi-Fi networks too, like what you have in your home, but flaws in the protocol allow someone with the network’s shared password and a simple cracking tool to access data from other network users.

While the WPA2 standard was largely designed well, it hasn’t changed in 15 years, which is a long time in the security world. Last year, a security researcher discovered a major flaw that he dubbed KRACK. It could allow someone in proximity to a Wi-Fi network to recover certain kinds of otherwise protected data. Major vendors, including Apple, released patches for Wi-Fi adapters and routers, but older hardware that is unpatched or unpatchable remains vulnerable, and the repairs were more bandages than curative surgery.

The new WPA3 fixes the fundamental flaw related to KRACK by replacing the four-way handshake between a Wi-Fi device and a base station that turned out to be vulnerable. Precise details of WPA3’s redesigned method of establishing a secure connection aren’t yet available.

The new WPA3 standard also adds the following:

  • Even when a user picks a weak passphrase — like pass1234 — WPA3 will process it without user involvement so that the password can’t be extracted via brute-force attacks that rely on iterating through short, common, and dictionary-based passwords.

  • WPA3 provides better security for devices with limited input methods, like printers, to join a network securely. That was supposed to be the job of WPS (Wi-Fi Protected Setup), but it never reached its potential, and the WPS spec has security flaws.

  • Encryption key length in WPA3 rises from 128 bits to 192 bits to meet a level of protection required for U.S. government use.

  • Joining a password-free network will now securely set up an encrypted connection.

  • All connections will now be protected from other users of the same network, something that’s reliably available only with enterprise connections today.

These last two points are a major improvement for public Wi-Fi networks. Unsecured networks are convenient because businesses and institutions don’t have to provide a Wi-Fi password to everyone who walks in. However, eliminating the need for a password also means that users send their traffic across unprotected connections that can be intercepted by anyone nearby with a Wi-Fi sniffer. With WPA3, Wi-Fi providers won’t have to choose between convenience and security.

The Wi-Fi Alliance also said it’s upping its game with WPA2, adding more tests of how WPA2 is implemented by companies to provide better consistency and security.

WPA3 will start appearing in hardware in 2018, but WPA2 will remain available for compatible devices for some time to come — almost certainly for several years, given its installed base. Unfortunately, most devices that run WPA2 likely can’t be updated to WPA3, possibly apart from some more recent devices that were designed with an idea of what hardware features WPA3 would require.

That means that WPA2 will remain the weakest link in Wi-Fi security until WPA3 is supported by every device you use and all the base stations to which you connect. As we saw with the transition from WEP to WPA2, which involved the interim WPA standard, that can be a long process.

 

READERS LIKE YOU! Support TidBITS by becoming a member today!
Check out the perks at <http://tidbits.com/member_benefits.html>
Special thanks to Walter Willis, Mark Mullinix, Gary Devoe, and Jerome
King for their generous support!
 

Comments about WPA3 Promises Better Wi-Fi Security with Less Effort

To leave a comment, click Add a Comment and then enter the text, your name, and your email address (which won't be displayed). Your comment will appear after you follow a link in the one-time confirmation message we send to verify that you're a real person.
Receive comments via RSS
Lewis Butler  An apple icon for a TidBITS Benefactor 2018-01-15 14:41
The problem with WPA3 is the same poroblem there was with WPA2 and WPA and WEP, they are completely proprietary black-box security that gets no peer review. This practically guarantees that there are severe vulnerabilities that will be exploited and no guarantee at all that those vulnerabilities will be disclosed.

One glaring example is that the crypto industry has settled on 256-bit encryption, but WPA3 only goes halfway there, and only because of US Government requirements.
Reply
B. Jefferson Le Blanc  2018-01-16 02:24
I was thinking the same thing, sort of, but the WiFi Alliance is, by definition, a peer group, so your criticism is off base in that regard. One would have to follow it more closely to determine how well WPA3 has been tested for flaws.

Nevertheless, given the history of WiFi security, as you suggest, some skepticism is justified. But a guarantee of vulnerabilities? That's just hyperbole. It will be a challenge to hackers, certainly. If the Alliance is doing its job, they will employ some expert hackers to stress test the new standard before it is finalized. We shall see.
Reply
Curtis Wilcox  An apple icon for a Friend of TidBITS 2018-01-16 10:28
WPA2 is a published standard, IEEE 802.11i-2004, so anyone can build an implementation. For most of those implementations, you will only have a binary so you can't inspect the source code for vulnerabilities but for vulnerabilities in the standard, like KRACK, you can.

https://en.wikipedia.org/wiki/IEEE_802.11i-2004

One reason for using smaller encryption keys is to allow lower powered devices to use the standard. The trade-off being that it's better to have Internet-of-Things devices using WPA3 than have them not use it and limit the new standard to smartphones and computers that can handle a larger key.

According to Wikipedia, WPA3 uses 192-bit keys. Where does your claim that some government is requiring that come from?
Reply