Back to Top

Scroll Down


My Guides

WPA3 fixes the KRACK Vulnerability

Do you remember the KRACK vulnerability? You should, because I have covered it in this article a while ago. It happened at the end of 2017, and it's a severe issue of the WPA2 protocol, which was considered to be 100% secure until then.

The sad news is that almost any Wi-Fi enabled device is vulnerable, and there aren't too many things to be done about it yet.

A recent report highlighted the fact that almost 50% of Android devices are vulnerable to this exploit.

There is a simple explanation for that: phone manufacturers aren't quick to implement Google's security patches, because they have customized the android OS to their liking, rather than offering it to their users as it was compiled by Google.

It's not all about Android users, though. Mac computers and desktop PCs are affected as well. Basically, pretty much any device that incorporates a CPU is vulnerable to the KRACK attack.

WPA2 is governed by the Wi-Fi Alliance, a consortium of big companies that are active in the IT field. Think Apple, Microsoft, and so on.

Fortunately, these companies are doing something about it, and the new iteration of the WPA communication protocol should fix the problem for good.

Unlike the previous iteration, WPA3 will make use of individualized data encryption. Believe it or not, all the clients that are communicating over a particular Wi-Fi network share the same data encryption keys. This means that if a hacker has managed to get his hands on a few dozens of encrypted data packets, and then manages to decrypt them, he will have unrestricted access to all the network traffic.

The good news is that WPA3 will scramble all the data that is sent back and forth to the router. Not only that, but devices that make use of pre-shared passphrases will not be vulnerable to dictionary based, brute force attacks anymore. It's reassuring news, considering the fact that lots of people continue to use dumb passwords, such as "123456".

But how is it possible to keep the network safe, even when people use short, easy to guess passwords? Well, routers using the WPA3 protocol will block any client that tries to connect using several different passwords over a short period of time. It's basic, and yet very effective security stuff, but surprisingly, it wasn't implemented for wireless technologies until now.

Data encryption will also be hardened; WPA3 will encrypt the information using a 192-bit security mechanism. So, I can totally understand why by making use of these two protocol upgrades, it will be really easy to improve the security of any wireless network.

We will still have to wait some time, until all the WPA3 protocol specifications are ready. Then, we will have to wait a bit more, until the new WPA3-based devices are made available. And once they are available, I guarantee that they'll make a serious dent in our wallets. Why? Because we will have to replace all the network clients, not to mention the actual routers. Still, there have been over 10 years since WPA2 has been released, so maybe it was time for a change anyway.

So, if you are interested in purchasing a new router, it makes a lot of sense to wait for a few more months, until the new generation of WPA3-based products will hit the market.