WPA3 Wi-Fi security announced after more than a decade of WPA2

Protected Management Frames (PMF) to maintain resiliency of mission critical networks

The Wi-Fi Alliance has announced the next generation of Wi-Fi security — WPA3, that adds new features to simplify Wi-Fi security, enable more robust authentication, and deliver increased cryptographic strength for highly sensitive data markets.

The WPA2 has been in use for more than a decade since 2004. “As the Wi-Fi industry transitions to WPA3 security, WPA2 devices will continue to interoperate and provide recognized security,” Wi-Fi Alliance said in a statement.

WPA3 — Wi-Fi Alliance

WPA 3 will provide two distinct modes of operation: WPA3-Personal and WPA3-Enterprise.

All WPA3 networks will use the latest security methods, disallow outdated legacy protocols, and require use of Protected Management Frames (PMF) to maintain resiliency of mission critical networks.

Key capabilities of WPA3 include:

WPA3-Personal: more resilient, password-based authentication even when users choose passwords that fall short of typical complexity recommendations. WPA3 leverages Simultaneous Authentication of Equals (SAE), a secure key establishment protocol between devices, to provide stronger protections for users against password guessing attempts by third parties.

more resilient, password-based authentication even when users choose passwords that fall short of typical complexity recommendations. WPA3 leverages Simultaneous Authentication of Equals (SAE), a secure key establishment protocol between devices, to provide stronger protections for users against password guessing attempts by third parties. WPA3-Enterprise: offers the equivalent of 192-bit cryptographic strength, providing additional protections for networks transmitting sensitive data, such as government or finance. The 192-bit security suite ensures a consistent combination of cryptographic tools are deployed across WPA3 networks.

“WPA3 takes the lead in providing the industry’s strongest protections in the ever-changing security landscape,” said Edgar Figueroa, President and CEO, Wi-Fi Alliance. “WPA3 continues the evolution of Wi-Fi security and maintains the brand promise of Wi-Fi Protected Access.”

Earlier this year, the Wi-Fi Alliance introduced * enhancements and new features for Wi-Fi Protected Access, the essential family of Wi-Fi certified technologies, to ensure WPA2 maintains strong security protections as the wireless landscape evolves. WPA2 continues to be mandatory for all Wi-Fi certified devices. As market adoption of WPA3 grows, the new generation of Wi-Fi security will become required for all Wi-Fi certified devices. WPA3 maintains interoperability with WPA2 devices through a transitional mode of operation, and Wi-Fi users can remain confident they are protected when connected to secured Wi-Fi certified networks.

Wi-Fi Easy Connect

Wi-Fi Alliance is also introducing Wi-Fi certified Easy Connect, a new program that reduces the complexity of onboarding Wi-Fi devices with limited or no display interface — such as devices coming to market for Internet of Things (IoT) — while still maintaining high security standards. Wi-Fi Easy Connect™ enables users to securely add any device to a Wi-Fi network using another device with a more robust interface, such as a smartphone, by simply scanning a product quick response (QR) code. Wi-Fi Easy Connect and WPA3 represent the latest evolution in Wi-Fi Alliance programs to ensure users receive a positive experience while remaining securely connected as the security landscape evolves.

Wi-Fi Easy Connect user experience SOURCE: Wi-Fi Alliance WPA3

“The evolution of Wi-Fi to stay ahead of market needs has been critical to it remaining one of wireless technology’s greatest success stories,” said Phil Solis, Research Director for IDC. “Wi-Fi Alliance has been instrumental in Wi-Fi’s evolution, and diligent about delivering Wi-Fi CERTIFIED programs so users and a variety of markets can rely on the convenience of Wi-Fi connectivity and security to meet their needs.”

Wi-Fi Alliance recently introduced Wi-Fi certified Open, a certification program that delivers new benefits for users in open Wi-Fi networks. In scenarios where user authentication is not desired or distribution of credentials is impractical — such as local coffee shops or guest networks with a web portal in airports, hotels, and sports arenas — Wi-Fi Enhanced Open now delivers improved data protections while maintaining the convenience and ease-of-use of open networks.

Industry support for WPA3 and Wi-Fi Easy Connect

“2018 is a transformative year for Wi-Fi with new standards being published such as WPA3, which is the latest evolution of Wi-Fi Protected Access, taking security to a level of robustness and resiliency not seen before. Coupling WPA3 with the promise of 802.11ax’s efficiency will allow Wi-Fi to reach levels of security and performance unimaginable only a few years ago.” — Alan Amrod, SVP & GM, Products & Marketing, Aerohive Networks

“Security has always been a key component of Wi-Fi’s broad appeal and Wi-Fi Alliance’s certifications. Ruckus is in full support of continuing to evolve the certification of security standards to meet potential new threats. We are actively developing new software to take full advantage of Wi-Fi CERTIFIED WPA3 for the benefit of our customers and their millions of end users around the world.” — said Mark Hamilton, Principal Networking Standards Engineer, Ruckus Networks, an ARRIS Company

“As Wi-Fi evolves to deliver more value in an ever expanding array of use cases, it’s important that security evolves too. WPA3’s new features, such as improved password based authentication and stronger encryption, will further simplify and strengthen how consumers and businesses connect to the Internet every day.” — Vijay Nagarajan, senior director of marketing for Wireless Communications and Connectivity division at Broadcom

Cisco is in full support of Wi-Fi Alliance’s continual focus on security evolution to WPA3. The WPA3 program will bring much needed upgrades to wireless security protecting all levels of customers from consumer to enterprise/government. Cisco is committed to integrating WPA3 features into our Aironet Access Points and Wireless Controllers via a firmware upgrade so that our existing and new customers can take advantage of the capabilities offered by WPA3. — Greg Dorai, Vice President Cisco WLAN, Cisco

“WPA3 and Wi-Fi Enhanced Open provide a comprehensive security offering without added complexity. With WPA3, users will receive better experiences with passwords that are easier to remember and manage, and IT will be able to ensure consistent and strong cryptography throughout their infrastructure. Aruba has already begun to incorporate and certify WPA3 for future designs to ensure the most advanced protection for our customer’s data.” — Dan Harkins, Distinguished Technologist, Aruba, a Hewlett Packard Company

“WPA3 is another milestone for the Wi-Fi industry, the extreme high throughput and enhanced security delivered by Wi-Fi will provide an excellent end-user experience in both consumer and enterprise markets. We are pleased to see Wi-Fi to continue to enable the digital transformation in many sectors and businesses.” — Dr. Wen Tong, Huawei Fellow, CTO, Huawei Wireless

“WPA3 brings critical updates to Wi-Fi security for personal and enterprise networks. Intel supports WPA3 and through our involvement in the test bed, we are helping our customers incorporate WPA3 into their products for enhanced security protections.” — Eric Mclaughlin — GM, CCG Wireless, Intel

“Marvell has worked in close cooperation with Wi-Fi Alliance on Wi-Fi CERTIFIED WPA3 and Wi-Fi Easy Connect. WPA3 builds on the widespread adoption of WPA2 and delivers a high level of security for both personal and enterprise Wi-Fi networks. We support these latest programs as together they provide strong protection against security threats while also enhancing the connectivity user experience for our customers.” — Mark Montierth, VP and GM of the Wireless Connectivity Business Unit at Marvell

“Hospitals are keenly aware of the critical importance of data privacy and security, and maintaining a robust security policy means accessing the strongest security measures available. Philips applauds Wi-Fi Alliance for building upon the success of WPA2 with the latest security mechanisms now available in WPA3.” — Phil Raymond, Director, Wireless CoE, MA&TC CTO Office, Philips Healthtech

“Qualcomm Technologies is committed to safeguarding the trust that millions of users and businesses put in Wi-Fi every day. We are proud to be among the first companies to support WPA3 across our portfolio of mobile and networking infrastructure products, and we are working closely with Wi-Fi Alliance and key stakeholders to accelerate its adoption throughout all major industries and ecosystems that rely on Wi-Fi.” — said Rahul Patel, senior vice president and general manager, connectivity and networking, Qualcomm Technologies, Inc.

“Silicon Motion proudly supports the industry transition to WPA3. Our new low power Wi-Fi SoC, built for IoT applications, supports both the mandatory and optional elements of WPA3 so that our customers can enable the highest level of security possible for their Wi-Fi and low power IoT applications.” — David Cohen, Sr. Marketing Director, Silicon Motion, Inc.