Wi-Fi, a wireless network possibly connected to the Internet, has quickly become an essential element in the daily use of the vast majority of electronic devices with which we interact. Despite this, people often do not give due importance to how secure a Wi-Fi connection point is, including at home: they completely ignore what the security protocol is and how it protects our data exchanged during the connection, and often do not even bother to use a suitably complex password. The new features are designed to overcome the main cyber-security problems related to Wi-Fi and to help users by simplifying the general use of the network.
After 14 years of honourable service, the WPA2 security protocol is finally retiring: the Wi-Fi Alliance, an organisation made up of some of the leading companies in the sector, has unveiled WPA3 to deal with increasingly complex and sophisticated cyber-attacks. The organisation opted for this change, most likely following the recent discovery of a procedure – dubbed KRACK (Key Reinstallation Attack) – capable of completely bypassing WPA2 security measures.
WPA3 will have various functionalities:
- WPA3-Personal which, thanks to the SAE (Simultaneous Authentication of Equals) system, will increase the security of home networks even when using a password with lower than standard security levels through a different authentication system. SAE provides protection against bruteforce attacks by locking the device after a certain number of failed attempts (a defence now implemented in most web and software authentication systems).
- WPA3-Enterprise, designed for businesses, offers additional protection for networks transmitting sensitive data via 192-bit encryption.
- Wi-Fi CERTIFIED Enhanced Open, encryptsall data transmitted from any device connected to the network; this means that a Wi-Fi connection will be secure even at public hotspots.
- As mentioned earlier, more and more devices are able to connect to the network. This is why Wi-Fi CERTIFIED Easy Connect was introduced, a system that simplifies connections and the management of devices without a display via a smartphone or PC.
The innovations are many and extremely significant; it is certain that, although there is no obligation for manufacturers to equip new products with WPA3, we will fortunately see many latest-generation devices compatible with the new protocol. However, the measures described are not yet active, and it will take some time before the WPA2 protocol is definitively retired.
Marco Serico