Released in 2018, WPA3 is an updated and more secure version of the Wi-Fi Protected Access protocol for wireless networks. As we described when comparing WPA2 to WPA, WPA2 has been the recommended way to protect a wireless network since 2004 because it is more secure than WEP and WPA. WPA3 adds further security enhancements that make it harder to get into a network by guessing passwords; it also makes it impossible to decrypt data captured in the past, that is, before the password was cracked.
When the Wi-Fi Alliance announced the technical details of WPA3 in early 2018, its press release featured four main features: a new and more secure handshake for establishing connections, an easy way to add new devices to the network securely, some basic protection when using open hotspots, and finally larger key sizes.
The final spec only calls for the new handshake, but some vendors will implement the other features as well.
WPA2 versus WPA3 comparison chart:

| | WPA2 | WPA3 |
|---|---|---|
| Stands for | Wi-Fi Protected Access 2 | Wi-Fi Protected Access 3 |
| What is it? | A security protocol developed by the Wi-Fi Alliance in 2004 for protecting wireless networks; designed to replace the WEP and WPA protocols. | Released in 2018, WPA3 is the next generation of WPA and has better security features. It protects against weak passwords that can be cracked relatively easily by guessing. |
| Methods | Unlike WEP and WPA, WPA2 uses the AES standard instead of the RC4 stream cipher. CCMP replaces WPA's TKIP. | 128-bit encryption in WPA3-Personal mode (192-bit in WPA3-Enterprise) and forward secrecy. WPA3 also replaces the pre-shared key (PSK) exchange with Simultaneous Authentication of Equals (SAE), a more secure way to perform the initial key exchange. |
| Safe and recommended? | WPA2 is recommended over WEP and WPA, and is more secure when Wi-Fi Protected Setup (WPS) is disabled. It is not recommended over WPA3. | Yes, WPA3 is more secure than WPA2 in the ways discussed in the article below. |
| Protected Management Frames (PMF) | WPA2 has required PMF support since early 2018. Older routers with unpatched firmware may not support PMF. | WPA3 mandates the use of Protected Management Frames (PMF). |
Contents: WPA2 vs WPA3
- 1 New handshake: Simultaneous Authentication of Equals (SAE)
- 1.1 Resistance to offline decryption
- 1.2 Forward secrecy
- 2 Opportunistic Wireless Encryption (OWE)
- 3 Device Provisioning Protocol (DPP)
- 4 Longer encryption keys
- 5 Security
- 6 Support for WPA3
- 7 Recommendations
- 8 References
New Handshake: Simultaneous Authentication of Equals (SAE)
When a device tries to connect to a password-protected Wi-Fi network, the password is supplied and verified through a 4-way handshake. In WPA2, this part of the protocol was vulnerable to KRACK attacks:
In a key reinstallation attack [KRACK], the adversary tricks a victim into reinstalling a key that is already in use. This is accomplished by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, the associated parameters, such as the incremental transmit packet number (that is, the nonce) and the receive packet number (that is, the replay counter), are reset to their initial value. Essentially, to ensure security, a key should only be installed and used once.
Even with the WPA2 updates that mitigate the KRACK vulnerabilities, WPA2-PSK can still be cracked. There are even how-to guides for hacking WPA2-PSK passwords.
WPA3 addresses this vulnerability and mitigates other issues by using a different mechanism to authenticate to a Wi-Fi network: Simultaneous Authentication of Equals (SAE), also known as the Dragonfly key exchange.
Technical details of how WPA3 uses the Dragonfly key exchange, which is itself a variation of SPEKE (Simple Password Exponential Key Exchange), are described in this video.
The advantages of Dragonfly key exchange are forward secrecy and resistance to offline decryption.
Resistance to offline decryption
A weakness of the WPA2 protocol is that an attacker does not have to stay connected to the network to guess the password. An attacker within range can sniff and capture the 4-way handshake of an initial WPA2 connection. That captured traffic can then be used offline in a dictionary-based password-guessing attack, which means that a weak password is easily broken. In fact, alphanumeric passwords of up to 16 characters can be cracked quite quickly on WPA2 networks.
WPA3 uses the Dragonfly key exchange, which makes it resistant to dictionary attacks. This property is defined as follows:
Resistance to dictionary attack means that any advantage an adversary can gain must be directly related to the number of interactions he makes with an honest protocol participant and not through computation. The adversary will not be able to obtain any information about the password except whether a single guess from a protocol run is correct or incorrect.
This feature of WPA3 protects networks whose password, that is, the pre-shared key (PSK), is weaker than the recommended complexity.
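To make the offline-oracle problem concrete, here is an added example (not from the article, the standard, or any vendor's code) that derives a WPA2-Personal PSK exactly as IEEE 802.11i specifies and counts the fixed work per guess; the `wpa_psk` hostapd setting and the Annex H test vector are real, while the helper names are this example's own.

```python
import hashlib

# Constants fixed by IEEE 802.11i for WPA/WPA2-Personal: the same for every network
PBKDF2_ITERATIONS = 4096
PSK_LEN = 32       # 256-bit PSK
SHA1_LEN = 20      # PBKDF2-HMAC-SHA1 produces 20 bytes per block

def derive_psk(passphrase: str, ssid: str) -> bytes:
    """WPA2 PSK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits).
    Identical to what wpa_passphrase prints; the SSID is the only salt."""
    if not 8 <= len(passphrase) <= 63 or not all(32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA2 passphrase must be 8-63 printable ASCII characters")
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid_bytes,
                               PBKDF2_ITERATIONS, PSK_LEN)

def hmac_count_per_guess() -> int:
    """HMAC-SHA1 evaluations needed to derive one PSK. Because the PSK is a pure
    function of passphrase and SSID, this fixed work factor is all that stands
    between a captured 4-way handshake and an offline check of one guess; only
    the passphrase's entropy raises the total cost. SAE removes this offline
    oracle, because its pairwise key also depends on the live exchange."""
    blocks = -(-PSK_LEN // SHA1_LEN)        # ceil(32 / 20) = 2
    return blocks * PBKDF2_ITERATIONS

def hostapd_psk_line(passphrase: str, ssid: str) -> str:
    """hostapd.conf line that stores the derived key as 64 hex digits (wpa_psk=)
    so the plaintext passphrase need not sit in the config file."""
    return "wpa_psk=" + derive_psk(passphrase, ssid).hex()

if __name__ == "__main__":
    # IEEE 802.11 Annex H test vector: passphrase "password", SSID "IEEE"
    print(derive_psk("password", "IEEE").hex())
    print(hostapd_psk_line("password", "IEEE"))
    print(hmac_count_per_guess(), "HMAC-SHA1 computations per guess")
```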
Forward secrecy
A wireless network uses radio signals to carry information (data packets) between a client device (for example, a phone or a laptop) and the wireless access point (router). These radio signals are broadcast in the open and can be intercepted, or picked up, by anyone nearby. When the network is protected by a password, whether with WPA2 or WPA3, the signals are encrypted so that a third party who intercepts them cannot read the data.
However, an attacker can record all of the data they intercept. If they manage to guess the password later (which is possible through a dictionary attack against WPA2, as we saw above), they can use that key to decrypt the traffic they recorded earlier on that network.
WPA3 provides forward secrecy. The protocol is designed so that, even with the network password, an eavesdropper cannot decrypt the traffic between the access point and another client device.
Opportunistic Wireless Encryption (OWE)
Described in this whitepaper (RFC 8110), Opportunistic Wireless Encryption (OWE) is a new feature in WPA3 that replaces the “open” 802.11 authentication widely used on public networks and access points.
This YouTube video provides a technical overview of OWE. The key idea is to use a Diffie-Hellman key exchange to encrypt all communication between a device and an access point (router). The key is different for each client that connects to the access point, so none of the other devices on the network can decrypt that communication, even if they listen in on it (which is called sniffing). This benefit is called Individualized Data Protection: traffic between a client and an access point is “individualized”, so while other clients can sniff and record it, they cannot decrypt it.
A great advantage of OWE is that it protects not only networks that require a password to connect but also open, “unsecured” networks that have no password requirement, for example wireless networks in libraries. OWE gives these networks encryption without authentication. No provisioning, negotiation or credentials are required; it simply works, without the user having to do anything or even knowing that their browsing is now better protected.
One caveat: OWE does not protect against “rogue” access points (APs) such as honeypot APs or evil twins that try to trick the user into connecting to them and then steal information.
Another caveat is that WPA3 supports but does not mandate unauthenticated encryption. A manufacturer can obtain the WPA3 label without implementing it. The feature is now called Wi-Fi CERTIFIED Enhanced Open, so buyers should look for that label in addition to the WPA3 label to make sure the device they are buying supports unauthenticated encryption.
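The per-client key idea described in this section, as an added example (not from RFC 8110, the article, or any Wi-Fi stack): a minimal P-256 ECDH with a fresh key on both sides per association, and a PMK derivation following the RFC 8110 outline; the x||y point encoding and the function names are this example's own assumptions.

```python
import hashlib, hmac, secrets

# NIST P-256 domain parameters (IANA/802.11 group 19, the mandatory OWE group)
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
GROUP = 19  # 802.11 group id, mixed into the key derivation

def on_curve(pt):
    """True for the point at infinity (None) or a point with y^2 = x^3 - 3x + b (mod p)."""
    return pt is None or (pt[1] ** 2 - (pt[0] ** 3 - 3 * pt[0] + B)) % P == 0

def add(p1, p2):
    """Affine point addition and doubling; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # p2 == -p1
    if p1 == p2:
        lam = (3 * x1 * x1 - 3) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def owe_pmk(priv, peer_pub, client_pub, ap_pub):
    """RFC 8110 outline: z = shared DH x-coordinate, prk = HKDF-Extract(C | A | group, z),
    PMK = HKDF-Expand(prk, "OWE Key Generation", 32). The x||y point encoding is assumed."""
    enc = lambda q: q[0].to_bytes(32, "big") + q[1].to_bytes(32, "big")
    z = mul(priv, peer_pub)[0].to_bytes(32, "big")
    prk = hmac.new(enc(client_pub) + enc(ap_pub) + GROUP.to_bytes(2, "big"), z, hashlib.sha256).digest()
    return hmac.new(prk, b"OWE Key Generation" + b"\x01", hashlib.sha256).digest()

def associate():
    """One open-network association: fresh ephemeral keys on both sides, so every client
    (and every reconnection) gets its own PMK; returns (client's PMK, AP's PMK)."""
    c_priv, a_priv = (secrets.randbelow(N - 1) + 1 for _ in range(2))
    c_pub, a_pub = mul(c_priv, G), mul(a_priv, G)
    return owe_pmk(c_priv, a_pub, c_pub, a_pub), owe_pmk(a_priv, c_pub, c_pub, a_pub)
```

A passive sniffer sees both public points but neither private scalar, and there is no passphrase to guess, which is why recorded traffic from another client (or an earlier session) stays unreadable.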
Device Provisioning Protocol (DPP)
The Wi-Fi Device Provisioning Protocol (DPP) replaces the less secure Wi-Fi Protected Setup (WPS). Many home-automation or Internet of Things (IoT) devices have no interface for entering passwords and must rely on a smartphone to configure their Wi-Fi settings.
Again, the caveat is that the Wi-Fi Alliance does not require this feature for WPA3 certification, so technically it is not part of WPA3. Instead, it is now part of the Alliance's Wi-Fi CERTIFIED Easy Connect program, so look for that label before buying WPA3-certified hardware.
DPP lets devices authenticate to the Wi-Fi network without a password, using either a QR code or NFC (Near Field Communication, the same technology that powers contactless transactions with Apple Pay or Android Pay).
With Wi-Fi Protected Setup (WPS), the password is sent from your phone to the IoT device, which then uses it to authenticate to the Wi-Fi network. With the new Device Provisioning Protocol (DPP), the devices perform mutual authentication without a password.
Longer encryption keys
Most WPA2 implementations use 128-bit AES encryption keys. The IEEE 802.11i standard also supports 256-bit keys. In WPA3, longer keys, equivalent to 192-bit security, are required only for WPA3-Enterprise.
WPA3-Enterprise refers to enterprise authentication, which uses a username and password to connect to the wireless network, rather than just a password (also known as a pre-shared key) that is typical for home networks.
For consumer applications, the certification standard for WPA3 has made longer key sizes optional. Some manufacturers will use larger keys as they are now supported by the protocol, but it will be up to consumers to choose a router / access point that does.
Security
As described above, over the years WPA2 has become vulnerable to various forms of attack, including the infamous KRACK technique. Patches are available, but not for every router, and many users never apply them because a firmware update is required.
In August 2018, another attack vector against WPA2 was discovered. It makes it easy for an attacker sniffing WPA2 traffic to obtain a hash of the pre-shared key (password). The attacker can then use brute force to compare this hash against the hashes of a list of commonly used passwords, or of a guess list covering every combination of letters and numbers of varying length. With cloud computing resources, guessing any password shorter than 16 characters is trivial.
In short, WPA2 security is weak, but only for WPA2-Personal; WPA2-Enterprise is much more resilient. Until WPA3 is widely available, use a strong password on your WPA2 network.
Support for WPA3
After its introduction in 2018, widespread support is expected to take 12-18 months. Even if you have a WPA3-compliant wireless router, an older phone or tablet may not receive the software updates needed for WPA3. In that case the access point falls back to WPA2 so the device can still connect, but without the benefits of WPA3.
In 2-3 years, WPA3 will become mainstream, so if you are shopping for router hardware, it is a good idea to future-proof your purchase:
- Wherever possible, choose WPA3 over WPA2.
- When shopping for WPA3-certified hardware, also look for the Wi-Fi Enhanced Open and Wi-Fi Easy Connect certifications. As described above, these features enhance network security.
- Choose a long and complex password (pre-shared key):
  - Use numbers, uppercase and lowercase letters, spaces, and even “special” characters in your password.
  - Make it a passphrase instead of a single word.
  - Make it long: 20 characters or more.
- If you are shopping for a new wireless router or access point, choose one that supports WPA3 or plans to roll out a WPA3-compliant software update in the future. Wireless router vendors regularly release firmware updates for their products; how often depends on the vendor. For example, after the KRACK vulnerability, TP-LINK was one of the first vendors to release patches for its routers, including older models. So when deciding which router to buy, look at the history of firmware releases from that manufacturer and choose a company that is diligent with its updates.
- Use a VPN when using a public Wi-Fi hotspot such as a cafe or library, regardless of whether the wireless network is password-protected (that is, secure) or not.