The Consumer Electronics Show 2018 produced some big talking points, with home automation technology being the hottest among them all. However, somewhat odd to the trend, Wi-Fi Alliance used the massive trade show to announce an enterprise product, Wi-Fi Protected Access 3 (WPA3).
WPA3 brings a major upgrade to Wi-Fi security, greatly increasing the security capabilities of the wireless standard. This upgrade was way overdue given the fact that the current standard in wireless security, WPA2, has been around for 14 years. Also, a major vulnerability in WPA and WPA2 called KRACK (Key Reinstallation Attack) came to light last year. So this is a timely security upgrade by Wi-Fi Alliance.
Though not much of technical details about the upgrade has been disclosed yet, the Alliance has made three major enhancements to the existing WPA2 standard.
A security protocol for peoples who use weak passwords as well as protection against dictionary attacks - to try and brute force the password.
WPA3 has a simplified security management process for devices with a limited display screen. This is again a timely introduction, given that Internet of Things (IoT) devices with limited (or zero) display are the fastest growing Wi-Fi devices at the moment.
The third enhancements made in WPA3 provides a stronger security in open Wi-Fi networks. WPA3 will give each user individualized data encryption without the need to configure a network password.
Despite the disclosure of KRACK vulnerability, WPA2 is not being retired immediately. WPA3 certified products are expected to be shipping later this year. Since devices require certification to use WPA3, it's likely that most of the existing Wi-Fi devices will continue using the WPA2 standard. However, it entirely depends on the device manufacturers. If they deem a device to be WPA3 compatible, a firmware update can bring their devices to the latest Wi-Fi security standard.