Wi-Fi Alliance announces WPA3 encryption protocol

Published by

Click here to post a comment for Wi-Fi Alliance announces WPA3 encryption protocol on our message forum
#5508805
https://forums.guru3d.com/data/avatars/m/232/232130.jpg
Nice. Will it possible to implement WPA3 with software upgrade, or new hardware will be required? (Ex: getting a new smartphone, wi-fi router, etc...)
#5508822
data/avatar/default/avatar05.webp
Software should be possible, however the question still remains how many are going to do that, and how many will try to sell you new hardware instead.
#5508830
https://forums.guru3d.com/data/avatars/m/142/142432.jpg
nevcairiel:

Software should be possible, however the question still remains how many are going to do that, and how many will try to sell you new hardware instead.
exactly
#5508842
https://forums.guru3d.com/data/avatars/m/265/265607.jpg
Seems kinda strange, isn't WPA2 supposed to use AES ? I don't believe AES was ever broken or that anyone even came close to it. Or is it simply a problem of implementation ?
#5508849
https://forums.guru3d.com/data/avatars/m/271/271131.jpg
nevcairiel:

Software should be possible, however the question still remains how many are going to do that, and how many will try to sell you new hardware instead.
Sounds a lot like Intel, doesn't it? ๐Ÿ™‚ Another problem is: How many customers are going to upgrade their router (I assume you spoke of vendors before, right?) if a firmware update is available? Grandma won't upgrade her router by herself for sure, but is still online surfing the web for cat pics.
#5508855
data/avatar/default/avatar09.webp
386SX:

Another problem is: How many customers are going to upgrade their router (I assume you spoke of vendors before, right?) if a firmware update is available? Grandma won't upgrade her router by herself for sure, but is still online surfing the web for cat pics.
WPA2 isn't inherently insecure, so thats fine. Many devices also auto-update these days - if an update is available.
#5508896
https://forums.guru3d.com/data/avatars/m/271/271903.jpg
Backstabak:

Seems kinda strange, isn't WPA2 supposed to use AES ? I don't believe AES was ever broken or that anyone even came close to it. Or is it simply a problem of implementation ?
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected - from researchers that found KRACK
#5508901
https://forums.guru3d.com/data/avatars/m/271/271131.jpg
nevcairiel:

WPA2 isn't inherently insecure, so thats fine. Many devices also auto-update these days - if an update is available.
I partially agree. ๐Ÿ™‚ WPA2 isn't as insecure as advertised by the media, but the possibility to crack WPA2 passwords in a reasonable amount of time is there. Source: https://www.krackattacks.com/ For example a --software name removed-- attack with help of EC2 gives you a 10-char password in a couple of seconds. I won't post links for that, but google and you will find enough links to provide proof for my statement.
#5508955
data/avatar/default/avatar29.webp
386SX:

I partially agree. ๐Ÿ™‚ WPA2 isn't as insecure as advertised by the media, but the possibility to crack WPA2 passwords in a reasonable amount of time is there. Source: https://www.krackattacks.com/ For example a --software name removed-- attack with help of EC2 gives you a 10-char password in a couple of seconds. I won't post links for that, but google and you will find enough links to provide proof for my statement.
Except you can protect against KRACK today.
#5509044
https://forums.guru3d.com/data/avatars/m/56/56686.jpg
meh time for new routers to be sold with those new cpu you need to fix a flaw that patching with sw will reduce performance in?
#5509204
https://forums.guru3d.com/data/avatars/m/265/265607.jpg
386SX:

I partially agree. ๐Ÿ™‚ WPA2 isn't as insecure as advertised by the media, but the possibility to crack WPA2 passwords in a reasonable amount of time is there. Source: https://www.krackattacks.com/ For example a --software name removed-- attack with help of EC2 gives you a 10-char password in a couple of seconds. I won't post links for that, but google and you will find enough links to provide proof for my statement.
Oh I see, thanks. They specifically attack the handshake when connecting to the network and exchanging the keys. So this really needs just a SW fix. But the entire new protocol will take a long time to create and approve, let alone enforce someone to use it.