On January 8, 2018, Wi-Fi Alliance announced enhancements and new features for Wi-Fi Protected Access (WPA) through upgrades to WPA2 and the genesis of WPA3. These additions are essentially responses to the evolution of Wi-Fi usage and WPA2 vulnerabilities, like those exposed by the Key Reinstallation Attacks (Krack), experienced in 2017.
According to Wi-Fi Alliance, Wi-Fi carries more than half of the internet’s traffic, so improvements to Wi-Fi Protected Access is good news. But could these improvements require your company to spend loads of money on new hardware? Let’s take a look at what these improvements include and what businesses can expect from WPA3 in 2018.
Improvements to Wi-Fi Protected Access via WPA3
- Weak passwords? Not a problem!
A new layer of protection is being added so that security is not contingent on passwords. This is an improvement on WPA2’s largest vulnerability known as the handshake, which was exploited by Krack in 2017. The process behind this is Simultaneous Authentication of Equals (SAE).
- Simplified configuration for IoT devices
Setting up Alexa is about to get easier. The implementation of Device Provisioning Protocol (DPP) establishes a simple, secure and consistent method for introducing devices with limited to no display interface to Wi-Fi networks.
- More privacy than ever
WI-FI CERTIFIED open wireless networks will apply encryption to each user. Opportunistic Wireless Encryption (OWE) is Wi-Fi Alliance’s way of standardizing Wi-Fi security on open networks.
- Protection fit for national security
Stronger cryptographic algorithms, as defined by the US Government, will be employed. A 192-bit security suite will require higher security requirements, like that of government, defense and industrial.
What happens to older devices?
The enhancements coming through WPA3 sound great, but as always, the question of implementation must be asked. Unfortunately, most manufacturers have been quiet about legacy device support. While we know that future WIFI CERTIFIED WPA3 routers will support WPA2 to assist migration, the question remains whether current WPA2 devices will be capable of connecting to WPA3.
As far as we can tell, Cisco Meraki is the only manufacturer, so far, to address this question. In a blog released on March 8, 2018, Meraki announced that their 802.11ac Wave 2 Access Point customers will be able to enjoy the added protections of the new WPA3 through a cloud update. There’s the classic Meraki ease!
What about other WPA2 routers?
For those who are not Meraki 802.11ac Wave 2 Access Point customers, don’t panic. Your WPA2 devices are not immediately obsolete. “Advanced Wi-Fi applications,” as explained by the Wi-Fi Alliance, “will rely on WPA2 with Protected Management Frames, broadly adopted in the current generation of Wi-Fi CERTIFIED devices, to maintain the resiliency of mission-critical networks.” Therefore, current WPA2 devices will enjoy enhancements with the additional bonus of being able to connect with HPA3 hardware. Companies may want to begin budgeting for new hardware though, because it does appear that new devices will be required in order to implement the protections of the WPA3.
More details about the new WPA2 features and devices certified for WPA3 will be released as the year progresses. In the meantime, if you are interested in learning about Meraki 802.11ac Wave 2 Access Points or any other Cisco Meraki products, contact Hummingbird Networks! We can help you build a network that is ready for the future.