Alliance aims to thwart nosy Wi-Fi spies with new security standards

Saturday, 13 Jan, 2018

To that end, the Wi-Fi Alliance has announced some of the new capabilities that will emerge this year as part of WPA3.

For now, WPA2 will still be deployed in Wi-Fi devices - with some improvements to help guarantee strong security protection for users.

Traffic streams between the access point and end-user devices will now be encrypted independently, improving privacy and security.

"Security is a foundation of Wi-Fi Alliance certification programs, and we are excited to introduce new features to the Wi-Fi CERTIFIED family of security solutions", concludes Edgar Figueroa, president and CEO of Wi-Fi Alliance. Wi-Fi Protected Access 3 (WPA3) has actually been around for quite some time, but now might finally be coming into play on upcoming routers.

In conjunction with this week's commencement of CES - letters that once stood for Consumer Electronics Show and now come meaning-free - the Wi-Fi Alliance on Monday heralded the arrival of WPA3 as the successor to WPA2, the flawed but widely used network security protocol for Wi-Fi communication. However, for now, WPA2 will remain the standard in Wi-Fi devices.

The alliance is also making upgrades to its current WPA2 standard, pushing testing enhancements that will reduce the potential of network misconfigurations. It will prevent hackers from trying to guess every possible combination of a password.

"Two of the features will deliver robust protections even when users choose passwords that fall short of typical complexity recommendations, and will simplify the process of configuring security for devices that have limited or no display interface". One is "individualized data encryption" in open networks, such as those found in public places, ensuring that data between your device and the router can't be easily snooped.

The technology is expected to arrive on shelves sometime this year, with prices varying wildly depending on the device. Via Twitter, Mathy Vanhoef, a postdoctoral computer security researcher at Belgium's KU Leuven, speculates that this may be an implementation of Opportunistic Wireless Encryption (OWE), a proposed extension to the 802.11 wireless standard.