Wi-Fi Alliance Announces WPA3, the Successor to Wi-Fi's WPA2 Security Protocol

The Wi-Fi Alliance -- comprising 15 major sponsor members (including Apple, Cisco, Dell, Intel, Microsoft, Qualcomm and more) and hundreds of contributing members -- has announced
that WPA3 will be introduced during 2018. 

WPA3 is not an immediate replacement for WPA2, which will continue to be maintained and enhanced. In particular, the Alliance will introduce new testing enhancements for WPA2 to reduce
the potential for vulnerabilities caused by network misconfigurations; and will further safeguard managed networks with centralized authentication services.

New Wi-Fi Alliance WPA3 certified devices will take some time to filter into widespread use. Use of the new specification will require WPA3 devices and WPA3 routers -- and since the
vast majority of home wi-fi users never buy a router but use the one supplied by their ISP, many users won't become WPA3 compatible before they change ISPs. That could take several years.

Nevertheless,
there are some welcome enhancements over the WP2 specification that has kept users largely, but not entirely, protected for around two decades.

Four new capabilities for both personal and enterprise networks have been announced. There are no technical details in the Wi-Fi announcement, leading to some conjecture over exactly
how they will be introduced.

The first will be to provide "robust protections" even when the user fails to use a strong password. Mathy Vanhoef, the researcher who discovered the KRACK
WPA2 vulnerability, has suggested on Twitter, "That means dictionary attacks no longer work. The handshake
they're referring to is likely Simultaneous Authentication of Equals (SAE). Which is also called Dragonfly;" adding, "The standards behind WPA3 already existed for a while. But now devices are  *required* to support them, otherwise they're won't receive the
"WPA3-certified" label."

The second will simplify the process of configuring security on wi-fi devices that have limited or no display interface. The obvious use will be for small personal devices, like wearables
such as smart watches -- but it could also play some role in improving the future security of the industrial internet of things.

The third will improve the security of open wi-fi hotspots -- such as cafes, hotels and airport lounges -- by giving each user individualized data encryption. On this, Vanhoef commented,
"This might refer to Opportunistic Wireless Encryption: encryption without authentication." It won't make the use of wi-fi hotspots completely secure, but should go some way to reassuring security officers who know that corporate employees work from hotspots
while traveling.

The fourth will be a 192-bit security suite aligned with the Commercial National Security Algorithm (CNSA) Suite, that will further protect wi-fi networks with higher security requirements;
such as government, defense, and industrial.

We can expect that new WPA3 devices will start to appear over the next few months -- particularly since many of the manufacturers will be members of the Alliance. However, the devices
will need wait for the launch of the Wi-Fi Alliance's formal certification process before they can be truly called such. The Wi-Fi Certified designation will be important to reassure buyers.

"Security is a foundation of Wi-Fi Alliance certification programs, and we are excited to introduce new features to the Wi-Fi CERTIFIED family of security solutions," commented Edgar
Figueroa, president and CEO of Wi-Fi Alliance. "The Wi-Fi CERTIFIED designation means Wi-Fi devices meet the highest standards for interoperability and security protections."

WPA3在2018年为无线安全添砖加瓦的更多相关文章

  1. 无线:WPA

    WPA全名为Wi-Fi Protected Access,有WPA和WPA2两个标准,是一种保护无线电脑网络(Wi-Fi)安全的系统,它是应研究者在前一代的系统有线等效加密(WEP)中找到的几个严重的 ...

  2. rbac权限控制,基于无线分类

    2018年9月18日11:21:28 数据库结构 CREATE TABLE `admin` ( `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT, `c ...

  3. [ZZ] [精彩盘点] TesterHome 社区 2018年 度精华帖

    原文地址: https://testerhome.com/topics/17646 相逢即是缘分,总有一篇适合您! 感觉好的请点赞收藏 ,感觉分类不严谨的,欢迎反馈给我! 测试方法&测试管理 ...

  4. 2018谷歌I/O开发者大会8大看点汇总 新品有哪些

    2018谷歌I/O开发者大会8大看点汇总 新品有哪些美国科技媒体The Verge近日撰文,列举了在即将召开的2018年谷歌I/O开发者大会上的8大看点,包括Android P.人工智能等等. 以下为 ...

  5. Gartner:2018人工智能技术成熟度曲线

    https://www.secrss.com/articles/4392 人工智能被广为关注,但是一些想法恐难达到预期.本成熟度曲线将追踪AI基本趋势和未来创新,以确定人工智能技术发展的范围.状态.价 ...

  6. 导航狗IT周报-2018年05月27日

    原文链接:https://www.daohanggou.cn/2018/05/27/it-weekly-9/ 摘要: “灰袍技能圈子”将闭圈:物理安全:为什么我们现在的生活节奏越来越快? 技术干货 1 ...

  7. LTE-V2X车联网无线通信技术发展

    2017年9月7日,国家制造强国建设领导小组车联网产业发展专项委员会第一次全体会议在北京召开.会议要求“要加大关键产品研发攻关力度,完善测试验证.技术评价.质量认证等公共服务平台,促进LTE-V2X车 ...

  8. 思科安全:加密流量威胁检测、加密流量威胁和恶意软件检测、识别无线干扰或威胁、Talos 情报源可加强对已知和新型威胁的防御、分布式安全异常检测

    思科DNA竞品比较工具 您的网络能够驱动数字化转型吗? 根据IDC调查,45%的受调研公司计划在未来两年内做好网络数字化的准备.查看数字化网络带来的结果和商业价值. 下载报告 思科 HPE 华为 Ar ...

  9. 无线冲方案 MCU vs SoC

    参考: MCU还是SoC:2018无线充电技术走向何方? 方案 分立/集成 特点 框图 MCU方案 分立方案 MCU芯片负责Qi协议的运算和外围电路控制,ST MCU居多:单线圈,双线圈,三线圈都有: ...

随机推荐

  1. 4月22 mysql常用函数

    一.数学函数 数学函数主要用于处理数字,包括整型.浮点数等. ABS(x) 返回x的绝对值 SELECT ABS(-1) -- 返回1 CEIL(x),CEILING(x) 返回大于或等于x的最小整数 ...

  2. C++笔试题总结

    1.C和C++的特点与区别? 答:(1)C语言特点:1.作为一种面向过程的结构化语言,易于调试和维护: 2.表现能力和处理能力极强,可以直接访问内存的物理地址: 3.C语言实现了对硬件的编程操作,也适 ...

  3. Hadoop设置任务执行队列及优先级

    Hive设置方法: SET mapreduce.job.queuename=root.up; SET mapreduce.job.priority=HIGH; set tez.queue.name=c ...

  4. maven配置多仓库镜像(转)

    原文地址:maven配置多仓库镜像 问题场景: 1.国内访问maven默认远程中央镜像特别慢 2.用阿里的镜像替代远程中央镜像 3.大部分jar包都可以在阿里镜像中找到,部分jar包在阿里镜像中没有, ...

  5. zzw原创_Red Hat Enterprise Linux Server release 6.5 安装mysql5.5.28版本

    1.查看系统版本 [root@ip12189 ~]#  more /etc/issueRed Hat Enterprise Linux Server release 6.5 (Santiago)Ker ...

  6. Android应用启动时Activity被创建两次

    项目需要使用到播放器,用开源的ijkplayer播放器改装. 但是在调试过程中Activity的OnCreate()被调用两次,调试时直接连接手机调试,有时候又不一定是两次. 后来偶尔看到一句话 “当 ...

  7. git通过diff文件,合并未上传代码库代码

    今天有段代码需要从别人的机器上同步到本地,但是这段代码还没上库,所以要么将这部分代码打包传过来,或者,用下面的办法. 由于代码修改涉及多个文件,打包搞过来确实比较麻烦,在网上找了下,发现可以用git ...

  8. shiro jwt 构建无状态分布式鉴权体系

    一:JWT 1.令牌构造 JWT(json web token)是可在网络上传输的用于声明某种主张的令牌(token),以JSON 对象为载体的轻量级开放标准(RFC 7519). 一个JWT令牌的定 ...

  9. swagger注释@API详细说明

    swagger是当前最好用的Restful  API文档生成的开源项目,通过swagger-spring项目实现了springMVC框架的无缝集成功能,方便生成restful风格的接口文档, 同时,s ...

  10. mysql如何让自增id从某个位置开始设置方法

    一般情况下两种方式: 1.本地数据不需要的情况下直接情况表(尽量不使用