I recently listened to the Demystifying WPA and the WPA3 Security Standard podcast and it made me think about how we got to where we came with wireless security access, our network, our users and more.
For those of you who have not forgotten the days of WEP-40 and then WEP-128, we really thought those days were great! Until we realized how vulnerable and easy the keys were to compromise – where people literally WEPONIZED our wireless networks. But it is perfect because we have taken care of that problem. We cleaned our desks and introduced Wi-Fi Protected Access (WPA), and that was safe. End of story, nothing to add.
Oh, except that WPA and WPA2 have proved vulnerable through Key Recalling Attacks (KRACK) and PMKID vulnerabilities in pre-shared key sets, and in so many other ways. (Who would have thought that WPA2, a 15 year old protocol could easily be compromised!)
So wait a minute. We said we want WPA3! WE WANT IT NOW! Exactly. We want it now.
I have good news and bad news
The bad news is that every supplier on the market does not yet have WPA3. Some may require the purchase of new hardware or various investments in wholesale to make it a suitable and applicable solution.
The good news however? (I mean that this is the Aruba blog site after all.) The good news is that Aruba is at the forefront of ratifying, implementing and accepting WPA3. We have WPA3 available today in a number of access points within the entire network and wireless portfolio! Pretty exciting right?!
Yes, but what's the problem with WPA3?
I mean, what exactly does WPA3 solve? Glad you asked! I created this handy table to refer to. This is not an exhaustive list, but it certainly offers a look at some of the more exciting pieces. Not to mention, I can't easily do that & # 39; yes & # 39; in the WEP / WPA / WPA2 landscape, so it's nice to & # 39; yes & # 39; to be able to say to the exit.
Of course, the landscape of wireless, wireless security and standards is long, detailed and complicated (read WPA3 and Enhanced Open: Next Generation Wi-Fi Security as a good introduction).
There is so much to learn about Opportunistic Wireless Encryption (OWE), Simultaneous Authentication or Equals (SAE) and any other part of the WPA3 family that helps to make networks not only more secure but also much more secure than our standards of the past. .
Hopefully you learned something new today, something new for tomorrow and enjoyed my little card. So maybe your wifi can say "yes" to the output.
The Aruba Airheads community is built on, by and for people like you. So, defend your voice and your understanding of technologies such as this. Be the wifi that you want to see in this world!
WPA3: The next generation in safe mobility
Dragonblood: an analysis of the WPA3-SAE handshake
About the author
Christopher Kusek is the CTO of Xiologix and manages the engineering organization. Christopher and his team evaluate the business and technical requirements of customers and architect solutions that meet the wishes of the customer …