05 January 2018
WiFi Alliance, the organization that decides WiFi standards officially announced the next level WiFi protocol WPA3. This is followed by the disclosure of KRACK vulnerability faced by devices using WPA2 WiFi Protocol. Only the first details are out for now, but the official first draft will be available in this year itself.
Mr.Mathy Vanhoef is the author of KRACK attack on WPA2. He spoke few words about the WPA3 standard. He said that,
The standards behind WPA3 already existed for a while, But now devices are required to support them, otherwise, they're won't receive the 'WPA3-certified' label. Linux's open source Wi-Fi client and access point already support the improved handshake, It just isn't used in practice. But hopefully, that will change now.
As per the report, the WPA3 protocol will pack four main features apart from additional minor features. First of all, it will offer protection against brute-force attacks by blocking the WiFi authentication process after several failed login attempts. Devices using WPA3 protocol will also be able to use nearby devices as configuration panel for other devices. With this feature, smartphones can be used to configure WiFi WPA3 options for tiny IoT equipment.
The third feature is called “individualized data encryption”. This feature encrypts each connection to and from a device and router/access points. WiFi Alliance described the fourth main future of WPA3 protocol as follows,
a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, [which] will further protect Wi-Fi networks with higher security requirements such as government, defense, and industrial.