The Wi-Fi Alliance, the non-profit organization whose global network of members maintains Wi-Fi technology, announced late on Monday the launch of the WPA3 security standard.
Unveiled in January, the latest version of the Wi-Fi Protected Access (WPA) protocol brings significant improvements in terms of authentication and data protection.
The Wi-Fi Alliance will continue to maintain and improve WPA2, which is mandatory for Wi-Fi Certified devices, as it will likely take several years until WPA3 is widely adopted. The two versions of the protocol will maintain interoperability through a transitional mode of operation and WPA3 will become mandatory once adoption grows.
WPA3 has two modes of operation: Personal and Enterprise. WPA3-Personal’s key features include enhanced protection against offline dictionary attacks and password guessing attempts, improved security even if users choose less complex passwords, and the use of forward secrecy in order to protect communications even if a password has been compromised.
WPA3-Enterprise provides 192-bit encryption for networks that require extra security (e.g. the networks of government and financial organizations), improved network resiliency, and greater consistency when it comes to the deployment of cryptographic tools.
Both the Personal and Enterprise modes prohibit the use of legacy protocols, and they require Protected Management Frames (PMF), which provides protection against eavesdropping and forging. PMF is also available for WPA2.
“WPA3 takes the lead in providing the industry’s strongest protections in the ever-changing security landscape,” said Edgar Figueroa, president and CEO of the Wi-Fi Alliance. “WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access.”
The Wi-Fi Alliance also announced the introduction of Easy Connect, a system that makes it easier for users to connect smart home and other Internet of Things (IoT) devices to their wireless networks. Wi-Fi Easy Connect simplifies the process by allowing users to add devices by scanning a QR code with a smartphone or tablet.
Earlier this month, the Wi-Fi Alliance also announced the launch of Wi-Fi Enhanced Open, a certification program that provides protection for unauthenticated networks, such as the ones commonly found in coffee shops, hotels and airports.
The system is designed to protect connections against passive eavesdropping without requiring a password by using Opportunistic Wireless Encryption (OWE) to provide each user unique individual encryption that secures traffic between their device and the Wi-Fi network.
Related: Lenovo Patches Critical Wi-Fi Vulnerabilities
Related: Google Discloses Critical Wi-Fi Flaws Affecting iOS, Android