Home
We always use wifi & do we care on our wifi security? Today I’m going to explain about the security types of wifi & latest security method of wifi that called WPA3.
Due to the problems of WEP methodology in the past, WPA also developed new versions of it and today the security of wireless technology has improved to WPA3. These security guards are ready to look into the shortcomings of the journey so far and the features of the new standard.
The journey from WEP to WPA
WEP or Wired Equivalent Privacy is an IEEE Wi-Fi standard with a basic level of encryption. Approved in 1997, it meant providing the same level of security or privacy as wired communications at the time. Its key is a hexadecimal value of 10 or 26. It’s so easy to break now that anyone with publicly available free software like Aircrack-ng can access such a network. It retired from the Wi-Fi Alliance in 2004 due to security vulnerabilities.
The most commonly used version of Wi-Fi Protected Access (WPA) is now. Improving the WPE standard, the WPA algorithm has been able to upgrade WIP devices since 2003 through firmware updates. The MAC or Message Authentication Code (Message Authentication Code) could not change the information communicated to a third party attacker. WPA2 and WPA3 came later as improved versions here.
The risk that the WPA had
WPA has a higher level of security than WEP, but it also lopsided. It also had a strong Pre-Shared Key. Because it was 256-bit WPA-PSK, it encoded better than WEP. But WPA had inherited disabilities from its WEP father. Both had RC4, Stream (cipher) cryptography. This vulnerability affected the Temporal Key Integrity Protocol (TKIP).
TKIP is a good method. Its uniqueness lies in the fact that every data packet exchanged between devices contains a key. But the old WEP devices at that time had to be taken into consideration so it was not installed successfully. Eventually, the new standard TKIP WPA system showed the same problems with the problematic WEP system.
The arrival of WPA2
WPA2 in 2006 ended WPA (1). This solved the problems of WEP and WPA and ensured greater security. With this came the introduction of the AES or Advanced Encryption Standard for consumer WiFi devices. AES was more successful than the RC4 methodology that could have been cracked at the time, and it is still used in many Internet services today.
To solve the TKIP problem in WEP, a prototype with a 128-bit key running under AES called CCMP was added. But TKIP was not removed to support older WEP devices as well. TKIP was used independently when they were connected.
Problem with WPA2 too
The first problem identified in WPA2 was the KRACK attack. Called the Key Reinstallation Attack, it attacks the WPA2 protocol directly and takes over all Wi-Fi connections. This allows a hacker to break WPA2’s four-way handshake and make changes. That is, by giving the opportunity to insert a new key into the secure connection.
When a key is changed it is difficult to identify whether it has been changed and the connection seems secure and the data circulating through it can go to a third party. This is a problem when connecting to the Internet via WiFi devices in public places, rather than at home.
WPA3 is coming!
WPA3 is a modern security system introduced in 2018 that brings more security than WPA2. The WiFi Alliance, which endorses world standards for Wi-Fi, has now begun certifying new devices. Qualcomm is preparing updates for its chips and Cisco is preparing updates for its devices, while other companies are working to roll out the new security features to their customers. It will say “Wi-Fi CERTIFIED ™ WPA3” on the devices used.
There are many types of Internet access in modern public places. Wi-Fi is now available in many public places in Sri Lanka, including airports, bus stops, and restaurants. WiFi has a login page but this can be hacked and the hacker has the opportunity to see the websites we visit and change their information. Websites with HTTPS are now rapidly evolving so the problem is avoided, but HTTP is not dead yet.
WPA3’s personalized data encryption solves WPA2 issues. Here the connection between our device and the router is encrypted even when connected to an open network (password-free WiFi service). This prevents even the aforementioned KRACK attacks and even Mathy Vanhoef, who found that KPAC2 can attack WPA2, is happy with the new WPA3.
When will it be available?
Although various companies have reported that WPA3 will be updated to their new devices as well as older ones, the Wi-FI Alliance has not yet specified specific updates for existing devices. A special feature of WPA3 certification is that all devices must support it. As a result, manufacturing companies will have to pay more attention to certifying new devices and it is expected that existing devices will be updated after selling new devices to consumers.
On the other hand, companies like Qualcomm are now offering WPA3 for wireless chips for phones and laptops, but the devices that contain them are expected to arrive in the middle or late this year. To get the most out of WPA3, both the router and the connecting device must be WPA3 enabled.
Useful links
