Wi-Fi Alliance Announces WPA3, the Successor to Wi-Fi's WPA2 Security Protocol

The Wi-Fi Alliance -- comprising 15 major sponsor members (including Apple, Cisco, Dell, Intel, Microsoft, Qualcomm and more) and hundreds of contributing members -- has announced
that WPA3 will be introduced during 2018. 

WPA3 is not an immediate replacement for WPA2, which will continue to be maintained and enhanced. In particular, the Alliance will introduce new testing enhancements for WPA2 to reduce
the potential for vulnerabilities caused by network misconfigurations; and will further safeguard managed networks with centralized authentication services.

New Wi-Fi Alliance WPA3 certified devices will take some time to filter into widespread use. Use of the new specification will require WPA3 devices and WPA3 routers -- and since the
vast majority of home wi-fi users never buy a router but use the one supplied by their ISP, many users won't become WPA3 compatible before they change ISPs. That could take several years.

Nevertheless,
there are some welcome enhancements over the WP2 specification that has kept users largely, but not entirely, protected for around two decades.

Four new capabilities for both personal and enterprise networks have been announced. There are no technical details in the Wi-Fi announcement, leading to some conjecture over exactly
how they will be introduced.

The first will be to provide "robust protections" even when the user fails to use a strong password. Mathy Vanhoef, the researcher who discovered the KRACK
WPA2 vulnerability, has suggested on Twitter, "That means dictionary attacks no longer work. The handshake
they're referring to is likely Simultaneous Authentication of Equals (SAE). Which is also called Dragonfly;" adding, "The standards behind WPA3 already existed for a while. But now devices are  *required* to support them, otherwise they're won't receive the
"WPA3-certified" label."

The second will simplify the process of configuring security on wi-fi devices that have limited or no display interface. The obvious use will be for small personal devices, like wearables
such as smart watches -- but it could also play some role in improving the future security of the industrial internet of things.

The third will improve the security of open wi-fi hotspots -- such as cafes, hotels and airport lounges -- by giving each user individualized data encryption. On this, Vanhoef commented,
"This might refer to Opportunistic Wireless Encryption: encryption without authentication." It won't make the use of wi-fi hotspots completely secure, but should go some way to reassuring security officers who know that corporate employees work from hotspots
while traveling.

The fourth will be a 192-bit security suite aligned with the Commercial National Security Algorithm (CNSA) Suite, that will further protect wi-fi networks with higher security requirements;
such as government, defense, and industrial.

We can expect that new WPA3 devices will start to appear over the next few months -- particularly since many of the manufacturers will be members of the Alliance. However, the devices
will need wait for the launch of the Wi-Fi Alliance's formal certification process before they can be truly called such. The Wi-Fi Certified designation will be important to reassure buyers.

"Security is a foundation of Wi-Fi Alliance certification programs, and we are excited to introduce new features to the Wi-Fi CERTIFIED family of security solutions," commented Edgar
Figueroa, president and CEO of Wi-Fi Alliance. "The Wi-Fi CERTIFIED designation means Wi-Fi devices meet the highest standards for interoperability and security protections."

WPA3在2018年为无线安全添砖加瓦的更多相关文章

  1. 无线:WPA

    WPA全名为Wi-Fi Protected Access,有WPA和WPA2两个标准,是一种保护无线电脑网络(Wi-Fi)安全的系统,它是应研究者在前一代的系统有线等效加密(WEP)中找到的几个严重的 ...

  2. rbac权限控制,基于无线分类

    2018年9月18日11:21:28 数据库结构 CREATE TABLE `admin` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `c ...

  3. [ZZ] [精彩盘点] TesterHome 社区 2018年 度精华帖

    原文地址: https://testerhome.com/topics/17646 相逢即是缘分,总有一篇适合您! 感觉好的请点赞收藏 ,感觉分类不严谨的,欢迎反馈给我! 测试方法&测试管理 ...

  4. 2018谷歌I/O开发者大会8大看点汇总 新品有哪些

    2018谷歌I/O开发者大会8大看点汇总 新品有哪些美国科技媒体The Verge近日撰文,列举了在即将召开的2018年谷歌I/O开发者大会上的8大看点,包括Android P.人工智能等等. 以下为 ...

  5. Gartner:2018人工智能技术成熟度曲线

    https://www.secrss.com/articles/4392 人工智能被广为关注,但是一些想法恐难达到预期.本成熟度曲线将追踪AI基本趋势和未来创新,以确定人工智能技术发展的范围.状态.价 ...

  6. 导航狗IT周报-2018年05月27日

    原文链接:https://www.daohanggou.cn/2018/05/27/it-weekly-9/ 摘要: “灰袍技能圈子”将闭圈:物理安全:为什么我们现在的生活节奏越来越快? 技术干货 1 ...

  7. LTE-V2X车联网无线通信技术发展

    2017年9月7日,国家制造强国建设领导小组车联网产业发展专项委员会第一次全体会议在北京召开.会议要求“要加大关键产品研发攻关力度,完善测试验证.技术评价.质量认证等公共服务平台,促进LTE-V2X车 ...

  8. 思科安全:加密流量威胁检测、加密流量威胁和恶意软件检测、识别无线干扰或威胁、Talos 情报源可加强对已知和新型威胁的防御、分布式安全异常检测

    思科DNA竞品比较工具 您的网络能够驱动数字化转型吗? 根据IDC调查,45%的受调研公司计划在未来两年内做好网络数字化的准备.查看数字化网络带来的结果和商业价值. 下载报告 思科 HPE 华为 Ar ...

  9. 无线冲方案 MCU vs SoC

    参考: MCU还是SoC:2018无线充电技术走向何方? 方案 分立/集成 特点 框图 MCU方案 分立方案 MCU芯片负责Qi协议的运算和外围电路控制,ST MCU居多:单线圈,双线圈,三线圈都有: ...

随机推荐

  1. 第二阶段——个人工作总结DAY03

    1.昨天做了什么:昨天实现了一个活动跳转到另一个活动. 2.今天做了什么:今天打算将所有的都实现,并且只用一个监听事件封装. 3.遇到的困难:无.

  2. oracle坏块处理记录

    1. 执行sql:select count(distinct id) from bw_fpzxx ,报错如下: ORA-01578: ORACLE 数据块损坏 (文件号 16, 块号 195428)O ...

  3. 一、ZooKeeper学习

    一.什么是ZooKeeper? ZooKeeper是一个分布式应用的开源协调服务.目的就是给用户提供同步.配置管理.分组和命名等服务.是Java语言编写的,支持Java和C两种语言.通俗的讲,它就是用 ...

  4. java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0).

    java.sql.SQLException: Parameter index out of range (1 > number of parameters, which is 0). at co ...

  5. NOIP2012国王游戏(60分题解)

    题目描述 恰逢 H国国庆,国王邀请n 位大臣来玩一个有奖游戏.首先,他让每个大臣在左.右手上面分别写下一个整数,国王自己也在左.右手上各写一个整数.然后,让这 n 位大臣排成一排,国王站在队伍的最前面 ...

  6. IIS无法启动,应用程序池自动关闭

    问题:打开网站中的资源,对应的应用程序池就自动停止 解决方案:在应用程序池上--右键--高级设置--进程模型--标识,更改了这项里的“内置账户”.将原有的“ApplicationPoolIdentit ...

  7. Win10系列:UWP界面布局基础6

    资源合并 前面提到过,可以将资源字典定义在单独的XAML文件中,这样的文件被称为资源字典文件.那么,在需要引用文件中的资源时可以通过ResourceDictionary元素的MergedDiction ...

  8. VS2010安装项目程序打包操作详解

    (转自:http://blog.sina.com.cn/s/blog_74f702e60101at62.html) 1.打开VS2010,选择 新建项目---其他项目类型---Visual Studi ...

  9. QuickStart系列:docker部署之PostgreSQL

    mysql --> mariadb --> postgresql 官网简介 https://www.postgresql.org/ 使用的镜像名称 centos/postgresql-96 ...

  10. vue中的axios

    数据的获取最常用的就是用ajax,但在vue框架中,axios则更为方便.它是基于es6的promise 以下内容引用自[最骚的就是你] 不再继续维护vue-resource,并推荐大家使用 axio ...