WPA3 Adds Four Security Enhancements, One of Which Matters

The Wi-Fi Alliance announced its next security enhancement today, called WPA3.  The press release touts "four new capabilities", but only one of the four affects practical Wi-Fi security.

As they are occasionally wont to do, the Wi-Fi Alliance announced a new certification today via a press release featuring an artisanal blend of normal words and corporate gobbledygook.  For those who speak fluent corporate gobbledygook, here are the four enhancements of WPA3:
  • Robust protections even when users choose passwords that fall short of typical complexity recommendations.
  • Simplify the process of configuring security for devices that have limited or no display interface.
  • Strengthen user privacy in open networks through individualized data encryption.
  • A 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems to further protect Wi-Fi networks with higher security requirements such as government, defense, and industrial.
As the Wi-Fi community's self-proclaimed corporate-gobbledygook-to-English translator, I will explain WPA3 in a language that all pro-American Americans can understand.

Robust protections even when users choose passwords that fall short of typical complexity recommendations

What does it mean?

WPA2 Personal passphrases will no longer be vulnerable to dictionary attacks.

Does it matter?

If you use WPA2 Enterprise, no.  (Although, if you use WPA2 Enterprise with PEAP or EAP-TTLS authentication, then your authentication security is WORSE than WPA2 Personal already.  So, change that ASAP.)

If you use WPA2 Personal, not really.  Math folk define "flawed" as "vulnerable to something that would be faster than a brute force attack".  And, sure, WPA2 Personal passphrases are flawed by that definition.  Engineering folk, on the other hand, define "flawed" as "actually flawed".  Meaning that someone would have to be able to realistically recover a WPA2 Personal passphrase via a dictionary attack.  By an engineer's definition, WPA2 Personal is not flawed.  Dictionary attacks on WPA2 Personal passphrases are too slow to work in the real world, unless the targeted passphrase is LITERALLY a word from the Webster's dictionary.
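To put a number on "too slow to work in the real world", here is an added example (not code from the post): it derives the WPA2-Personal PSK the way every AP and station does, times one derivation on this machine, and converts that into single-core time to exhaust a word-list-sized space versus eight random characters. The SSID and candidate passphrases are constructed.

```python
import hashlib
import time

# WPA2-Personal turns the passphrase into the 256-bit PSK with PBKDF2-HMAC-SHA1,
# salted with the SSID and iterated 4096 times (IEEE 802.11 PSK derivation).
PBKDF2_ITERATIONS = 4096
PSK_LEN = 32


def wpa2_psk(passphrase: str, ssid: str) -> bytes:
    """Return the PSK that both the AP and the station derive from the passphrase."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 printable ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), PBKDF2_ITERATIONS, PSK_LEN)


def derivations_per_second(ssid: str = "constructed-ssid", samples: int = 20) -> float:
    """Measure how many candidate passphrases one core can derive per second.
    Every input except the passphrase is public, so this is the cost of one
    offline guess once a handshake has been observed."""
    start = time.perf_counter()
    for i in range(samples):
        wpa2_psk(f"candidate{i:04d}", ssid)        # constructed candidates
    return samples / (time.perf_counter() - start)


def core_years_to_exhaust(keyspace: float, guesses_per_second: float) -> float:
    """Single-core time to try every candidate in a keyspace, in years."""
    return keyspace / guesses_per_second / (365 * 86400)


if __name__ == "__main__":
    rate = derivations_per_second()
    print(f"{rate:,.0f} derivations/s on this machine")
    # A word-list-sized space versus eight random alphanumeric characters:
    # the first is exhausted in minutes, the second in thousands of core-years,
    # which is the author's point about literal dictionary words.
    for label, space in (("100k dictionary words", 1e5),
                         ("8 random alnum chars", 62 ** 8)):
        print(f"{label:>22}: {core_years_to_exhaust(space, rate):.2e} core-years")
```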

Simplify the process of configuring security for devices that have limited or no display interface

What does it mean?

WPS is getting "fixed".

Does it matter?

I don't know and I don't care.  WPS is push-button WPA2 Personal for printers, coffee makers, and other devices that may not have a traditional user interface.  WPS is another one of those things with theoretical flaws, but no documented occurrences of real world security compromises.

Strengthen user privacy in open networks through individualized data encryption

What does it mean?

An SSL-like link will be set up between station and AP when devices connect to open Wi-Fi.

Does it matter?

Yes!  No more VPNs at hotspots!

Ever since SSL became ubiquitous, WPA2 encryption has been redundant... except in one way.  WPA2 prevents wireless eavesdroppers from finding out which servers people are accessing.  For example, if I went to my local German restaurant and used their Wi-Fi to access Twitter, nobody would be able to wirelessly eavesdrop on my username, password, timeline, DMs, or any other "content", but they would be able to see that I accessed Twitter.

Traditionally, privacy-obsessed users of open Wi-Fi have had to use VPNs to prevent wireless eavesdroppers from finding out which sites, apps, and services are being accessed.  The SSL-like encryption between station and AP will stop that "information seepage", as the kids call it.
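The "information seepage" described above, as an added example that is not from the post: even with SSL (TLS) protecting the content, the host name travels in the clear in the ClientHello's SNI extension, so a wireless eavesdropper on an open network reads it unless there is encryption over the air. The ClientHello here is constructed, not captured, and the parser only reads what a passive observer sees.

```python
import struct
from typing import Optional

# TLS record/handshake constants (RFC 5246) and the SNI extension type (RFC 6066).
HANDSHAKE = 0x16
CLIENT_HELLO = 0x01
SNI_EXT = 0x0000


def build_client_hello(host: str) -> bytes:
    """Constructed minimal ClientHello carrying host in its SNI extension."""
    name = host.encode("ascii")
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name  # list len, host_name, len
    ext = struct.pack("!HH", SNI_EXT, len(sni)) + sni
    body = (b"\x03\x03" + b"\x00" * 32      # client_version, random (zeros: constructed)
            + b"\x00"                      # empty session_id
            + b"\x00\x02\x13\x01"          # one cipher suite
            + b"\x01\x00"                  # null compression
            + struct.pack("!H", len(ext)) + ext)
    hs = struct.pack("!B", CLIENT_HELLO) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", HANDSHAKE, 0x0301, len(hs)) + hs


def sni_from_client_hello(rec: bytes) -> Optional[str]:
    """Return the host name a passive observer reads from a plaintext ClientHello,
    or None if the record is not a ClientHello or carries no SNI."""
    if len(rec) < 44 or rec[0] != HANDSHAKE or rec[5] != CLIENT_HELLO:
        return None
    try:
        p = 5 + 4 + 2 + 32                                 # headers, version, random
        p += 1 + rec[p]                                    # session_id
        p += 2 + struct.unpack_from("!H", rec, p)[0]       # cipher_suites
        p += 1 + rec[p]                                    # compression_methods
        ext_end = p + 2 + struct.unpack_from("!H", rec, p)[0]
        p += 2
        while p + 4 <= ext_end:
            etype, elen = struct.unpack_from("!HH", rec, p)
            p += 4
            if etype == SNI_EXT and elen >= 5 and rec[p + 2] == 0:  # name_type host_name
                nlen = struct.unpack_from("!H", rec, p + 3)[0]
                return rec[p + 5:p + 5 + nlen].decode("ascii", "replace")
            p += elen
    except (IndexError, struct.error):
        return None                                        # truncated record
    return None
```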

I should note that the BIG attacks on open Wi-Fi, Wi-Phishing and man-in-the-middle, will continue to be just as much of a threat as they have always been.  WPA3 does nothing to prevent a hooligan from setting up a Wi-Fi Pineapple with the goal of attracting stray associations.

A 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems to further protect Wi-Fi networks with higher security requirements such as government, defense, and industrial

What does it mean?

192-bit AES encryption.  WPA2 uses 128-bit AES.

Does it matter?

How big of a nerd do you think I am?

I don't know.  I guess 128-bit encryption might not be long enough to withstand a brute-force attack, given today's processing capabilities.  I wouldn't doubt it.  And obviously 192-bit encryption means that there are two-to-the-one-hundred-ninety-second-power possible encryption keys, rather than two-to-the-one-hundred-twenty-eighth-power.  But if you were to say, "Ben, this is all a conspiracy by Big Wi-Fi to sell unnecessary security to the U.S. military," I'd say, "you may have a point."

******


Twitter: @Ben_SniffWiFi

ben at sniffwifi dot com

Comments

  1. "WPA2 Enterprise with PEAP or EAP-TTLS authentication, then your authentication security is WORSE than WPA2 Personal already"
    where did you read that?

    Replies
    1. I didn't read it anywhere. It's just a fact.

    2. WPA2-PSK can use a 256-bit key derived from a password for authentication, which can be crackable by a dictionary attack.

      WPA2-Enterprise, also known as 802.1x uses a RADIUS server for authentication purposes. Authentication is achieved using variants of the EAP protocol. This is a more complex but more secure setup.

      I didn't get your point.

    3. I'd be interested to hear the rationale there too, and not in a derogatory way mind you, just in an informational one!

    4. I would have thought mechanisms that employ TLS tunnels would be more secure than ones that do not? Hopefully you can elaborate?

    5. Password-based EAP is worse than WPA2 Personal for two reasons:

      1) Cracking of Password-based EAP is guaranteed; WPA2 Personal cracking relies on extraordinarily weak passphrases.

      2) EAP almost always uses enterprise credentials; WPA2 Personal almost never does.

  2. You imply that all devices without displays are simplistic. There are many devices that have no displays and yet are quite expensive and sophisticated.
    Sometimes WPS gets too much credit. It has had, and still has, problems even if most of these are caused by a manufacturer's lack of (security) imagination.
    You did not mention it, but Protected Management Frames have been required with all WPA2 certifications since early 2016.

    Replies
    1. I don't imply anything about how expensive devices are.

  3. Two points I'd like to raise.

    1. I think you should caveat that BADLY configured WPA2 with PEAP is WORSE than WPA2 Personal. The weakness is the RADIUS Man in the Middle attack which can be mitigated with the correct use of Server Certs and Client configuration.

    2. I think you hit the nail on the head with WPS being for devices without a traditional UI. Surely this would be ideal in the world of IoT where sensors etc may not have a useful UI. So as WLAN engineers we may well care :)

    Replies
    1. Any PEAP is worse than WPA2 Personal, for the two reasons cited above. We shall see if IoT sensors used in enterprises Wi-Fi start using WPS. I have yet to see that, but who knows what will happen in the future?

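The mitigation named in the comment above (server certificates plus correct client configuration), as an added example that is not from the post or the comments: a small checker for a wpa_supplicant network block, run over a weak PEAP block and its corrected form. The CA path and RADIUS host name are constructed placeholders.

```python
import re
from typing import Dict, List

# wpa_supplicant.conf settings that pin PEAP/EAP-TTLS to the real RADIUS server.
TUNNELED_EAP = {"PEAP", "TTLS"}
SERVER_MATCH_KEYS = ("domain_suffix_match", "subject_match", "altsubject_match")


def parse_network_block(text: str) -> Dict[str, str]:
    """Read the key=value lines of one network={ ... } block into a dict."""
    return {m.group(1): m.group(2)
            for m in re.finditer(r'^\s*(\w+)\s*=\s*"?([^"\n]*)"?\s*$', text, re.M)}


def audit_eap_block(text: str) -> List[str]:
    """Findings that would let a rogue AP impersonate the RADIUS server
    (the man-in-the-middle the commenter refers to); an empty list means OK."""
    f = parse_network_block(text)
    findings: List[str] = []
    if f.get("key_mgmt") != "WPA-EAP" or f.get("eap") not in TUNNELED_EAP:
        return findings                     # not PEAP/TTLS: nothing to check
    if not (f.get("ca_cert") or f.get("ca_path")):
        findings.append("no ca_cert/ca_path: the server certificate is not validated")
    if not any(k in f for k in SERVER_MATCH_KEYS):
        findings.append("no domain_suffix_match/subject_match: any certificate "
                        "the CA issued is accepted, not just the RADIUS server's")
    if findings and f.get("phase2", "").startswith("auth=MSCHAPV2"):
        findings.append("inner MSCHAPv2 exchange would be handed to whoever "
                        "answers, exposing the enterprise credentials")
    return findings


# Constructed example blocks: the weak one beside the corrected one.
WEAK_BLOCK = """
network={
    ssid="corp-wifi"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    password="hunter2"
    phase2="auth=MSCHAPV2"
}
"""
HARDENED_BLOCK = WEAK_BLOCK.replace(
    'phase2="auth=MSCHAPV2"',
    'phase2="auth=MSCHAPV2"\n'
    '    ca_cert="/etc/ssl/certs/corp-radius-ca.pem"\n'      # hypothetical path
    '    domain_suffix_match="radius.corp.example"')          # hypothetical name

if __name__ == "__main__":
    print("weak:", audit_eap_block(WEAK_BLOCK))
    print("hardened:", audit_eap_block(HARDENED_BLOCK))
```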

