On June 25, 2018, WiFi Alliance officially introduced the certification program for Wi-Fi CERTIFIED WPA3. This is the first security update for Wi-Fi for the last 14 years.
According to the alliance, WPA3 (Wi-Fi Protected Access 3) “adds new features to simplify Wi-Fi security, providing more reliable authentication, increasing cryptographic strength for highly sensitive data markets and ensuring the fault tolerance of critical networks”. WPA3 key features:
- The latest cryptographic protocol are used;
- Obsolete protocols are prohibited;
- Function of protecting control frames from PMF compromise (Protected Management Frames) is mandatory.
Since Wi-Fi networks have different needs for use and security, WPA3, like WPA2, offers two standard profiles for personal and corporate networks: WPA3-Personal and WPA3-Enterprise.
Users of WPA3-Personal receive more reliable password authentication and brute force protection even in cases where a password is too short or simple. This is implemented by replacing the old protocol Pre-shared Key (PSK) with the protocol Simultaneous Authentication of Equals (SAE) from Dan Perkins. SAE refers to protocols like PAKE (password-authenticated key agreement): an interactive method where two or more parties install cryptographic keys based on knowledge of one or more password sides.
The key property of PAKE is that 'a man in the middle' cannot get enough information to conduct a full-fledged offline brute force in a passive mode. It necessarily requires interaction with the parties to verify each option. This means, that even with weak passwords, the security is much better than before.
WPA3-Personal is more focused on ease of use. Users can still choose arbitrary passwords.
WPA3-Enterprise provides much higher security requirements and now allows the use of highly persistent security protocols for confidential data networks. Users are offered cryptographic protocols using at least 192-bit keys and the following cryptographic tools for data protection:
- Authentic encryption: 256-bit Galois/Counter Mode Protocol (GCMP-256);
- Key generation and confirmation: 384-bit Hashed Message Authentication Mode (HMAC) с hashing using the protocol Secure Hash Algorithm (HMAC-SHA384);
- Key exchange and authentication: exchange by Elliptic Curve Diffie-Hellman (ECDH) and digital signature using the Elliptic Curve Digital Signature Algorithm (ECDSA) on a 384-bit elliptical curve;
- Reliable management of traffic protection: 256-bit Broadcast/Multicast Integrity Protocol Galois Message Authentication Code (BIP-GMAC-256).
It is assumed that when selecting 192-bit mode, all the listed tools will be used, which guarantees the correct combination of protocols as a basic security platform within the WPA3 network.
WPA3 retains backward compatibility with WPA2 devices and is currently optional additional certification for Wi-Fi CERTIFIED devices.
WPA3 is based on the cryptographic protocol Simultaneous Authentication of Equals (SAE) by Dan Harkins. This specialist is also the author of the infamous protocol Dragonfly (RFC 7664). It must be said that the procedure for approving RFC 7664 in the IETF was accompanied by stormy debates. Chairman of the working group on cryptostandards CFRG, which approved Dragonfly, Kevin Igoe allegedly is an employee of the NSA. As a result, in a global sense, it is impossible to speak with confidence about the cryptographic stability and overall reliability of the SAE protocol and the WPA3 standard as a whole.
Wi-Fi Alliance expects devices with WPA3 support to be released on the market in 2019, along with devices that support a new, faster version of the Wi-Fi-802.11ax. After that, WPA3 support can become a prerequisite for the certification of any Wi-Fi device.