The Wi-Fi Alliance has announced WPA3, a new standard of Wi-Fi security features for users and service providers. This is welcome news, given that a Wi-Fi exploit was uncovered late last year which affected all modern Wi-Fi networks using WPA or WPA2 security encryption, letting attackers eavesdrop on traffic between computers and wireless access points. The new WPA3 features will include “robust protection” when passwords are weak, and will also simplify security configurations for devices that have limited or no display interface.

“Wi-Fi security technologies may live for decades, so it’s important they are continually updated to ensure they meet the needs of the Wi-Fi industry,” said Joe Hoffman from consulting firm SAR Insight & Consulting in a statement. The Wi-Fi Alliance is made up of companies including Apple, Intel, and Microsoft. For those who work in coffee shops and often use public Wi-Fi, WPA3 will also have individualized data encryption that will strengthen privacy in open networks. While there aren’t further details about that tool, security researcher Mathy Vanhoef suggests that might refer to Opportunistic Wireless Encryption, or encryption without authentication.

"Another feature will strengthen user privacy in open networks through individualized data encryption". This might refer to Opportunistic Wireless Encryption: encryption without authentication. See https://t.co/fp7ikH24xp — Mathy Vanhoef (@vanhoefm) January 8, 2018

WPA2 uses a four-way handshake that ensures the same password is being used by both clients and access points when they join a Wi-Fi network. Vanhoef told ZDNet that the WPA3 standard will use a new handshake, which won’t be vulnerable to dictionary attacks. Further, WPA3 will also feature a 192-bit security suite aligned with the Commercial National Security Algorithm (CNSA) Suite that will protect government, defense, and industrial networks that have higher security requirements. The new security features will be available later in 2018.