WP3 Security Standard

New WP3 Security Standard released by Wi-Fi Alliance that provides Next-generation Wi-Fi Security with new capabilities to enhance both personal and enterprise networks

Initial announcement has been released on January 2018 regarding the new WP3 security standard that is a successor of WPA2.

So finally WPA3 replace the WPA2 which is currently enabled on billions of device since around the world last 15 years.

WP3 Security Standard contains a lot more new futures, high cryptographic strength, and more robust authentication.

There is four new future has been implemented by Wi-Fi Alliance with this Current WPA3 security standard release.

Two of the features will deliver robust protections even when users choose passwords that fall short of typical complexity recommendations.

Another one future provides strong user privacy for open networks through individualized data encryption.

Final future contains 192-bit security suite with  Commercial National Security Algorithm (CNSA) Suite that provide high-class security requirements such as government, defense, and industrial.

WP3 Security Standard contains following main futures for personal and enterprise networks.

  • Use the latest security methods
  • Disallow outdated legacy protocols
  • Require use of Protected Management Frames (PMF)
  • Users of WPA3-Personal receive increased protection from password guessing attempts.
  • WPA3-Enterprise users can now take advantage of higher grade security protocols for sensitive data networks.
“Edgar Figueroa, President and CEO, Wi-Fi Alliance said, WPA3 takes the lead in providing the industry’s strongest protections in the ever-changing security landscape,. “WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access.”

WP3 Security Standard for Personal & Enterprise

WPA3-Personal 

It Provides more Robust password-based authentication to protect the individual users even the users chose password will shortfall of the complex recommendations.

WPA3 replace the  Pre-shared Key (PSK) in WPA2-Personal by enabled through Simultaneous Authentication of Equals (SAE).

Resistant to offline dictionary attacks where an adversary attempts to determine a network password by trying possible passwords without further network interaction.

It allows choosing the easy password for users that are easier to remember and  Delivers enhanced protections with no change to the way users connect to a network

It provides secureForward secrecy that helps to protect users data traffic even if a password is compromised after the data was transmitted.

WPA3-Enterprise

WPA3-Enterprise provides greater security for Enterprise, governments, and financial institutions.

WPA3-Enterprise also offers an optional mode using 192-bit minimum-strength security protocols and cryptographic tools to better protect sensitive data

According to Wi-Fi Alliance, following futures are implemented with WPA3 Security Standard.

  • Authenticated encryption: 256-bit Galois/Counter Mode Protocol (GCMP-256)
  • Key derivation and confirmation: 384-bit Hashed Message Authentication Mode (HMAC) with Secure Hash Algorithm (HMAC-SHA384)
  • Key establishment and authentication: Elliptic Curve Diffie-Hellman (ECDH) exchange and Elliptic Curve Digital Signature Algorithm (ECDSA) using a 384-bit elliptic curve
  • Robust management frame protection: 256-bit Broadcast/Multicast Integrity Protocol Galois Message Authentication Code (BIP-GMAC-256)