For years now, the best personal Wi-Fi protection you could enable was known as WPA2 — or the second generation of Wi-Fi Protected Access. It’s a standard network security feature that enables AES encryption through a password.
Now the Wi-Fi Alliance has announced a new security protocol called WPA3, an updated standard that provides more security — and a very timely upgrade in a world that’s increasingly threatened by data hacks and wireless data theft.
How WPA works
WPA uses what’s usually called a “handshake” security check system. This handshake is designed to make sure that all the devices involved in the wireless connection are on the same page and working correctly.
In WPA2, that means a four-way handshake between the two client devices connected and the two wireless access points those devices are using to. The WPA2 system takes a look at all these devices and asks, “All right, does everyone have the same password? Good. Now I’m going to encrypt this data as it’s transferred through, and help you decrypt it at the other end when the transfer is complete. Let’s get started.”
The big advantage to this system is that it prevents many casual types of data theft that could otherwise occur—or at least makes them too difficult to be worth the effort. You see, many Wi-Fi hacking attempts use man-in-the-middle hacks or similar approaches that attempt to intercept wireless data as it is being transferred. WPA2 technology encrypts that data during that stage, making it essentially useless to hackers even if they manage to obtain it.
How WPA3 differs from WPA2
WPA2 worked very well for a long time, but it is starting to get a little outdated by the progress of technology, and the latest efforts of determined hackers trying steal your sweet data. WPA3 adds four new features to the encryption process to keep it current.
Better guest access encryption: You know those guest Wi-Fi networks where you sign in and use the internet at a coffee shop or library? They are really unsafe. WPA3 adds what it calls individualized data encryption, which means that your individual connection to an open wireless network will be encrypted, even if that network is not protected by an overarching password. This is a very big and absolutely necessary change.
Updated handshake: The old WPA2 security has been proven vulnerable to hardware-level attacks and password vulnerabilities (using an easy password is still a dumb move). To help prevent new vulnerabilities from affecting WPA, the updated standard uses a new type of handshake that adds extra protection against password-crackers and similar brute force types of hacking.
Better relations with the Internet of Things: WPA2 was primarily designed to work with traditional mobile devices like phones and laptops-devices with screens you could use to input passwords and control wireless settings. But now we have a vast crop of smart devices that don’t have their own screens for inputs, with apps that aren’t really made to manage wireless connections in detail. To make everything much simpler, WPA3 includes new measures to configure security for devices without screens. We don’t know exactly how this is going to work yet, but it probably involves some sort of pairing the way you pair Bluetooth devices or game controllers.
192-bit security suite: What does this mean? Basically, it’s extra-advanced security that uses CNSA (Commercial National Security Algorithm). That means it meets requirements for high-level government work, defense agencies, and super secret industrial projects. Basically, those organizations will be more free to use Wi-Fi networks with the new standard.
How manufacturers get WPA3
Okay, the real question here is, “When can I, the consumer, have access to this new standard?” The answer depends. WPA3 is a very big upgrade for wireless devices, so it’s not like a simple patch can upgrade all your current devices. Manufacturers will need to build devices from the ground up to comply with WPA3, and they have to include all four major changes to qualify for full WPA certification.
Additionally, a single WPA3 device isn’t going to do you much good. You need end user devices (laptops, phones, etc.) and all access points to also use WPA3 to get useful protection. That’s probably not going to happen for at least several years.
However, the first WPA3 devices, like routers, should be making an appearance in 2018, allowing the conversion process to begin. In the beginning, such routers will no doubt support by WPA3 and WPA2 so devices that use either can connect.
