Wi-Fi Protected Access 3

overview of the cool new features

Ward De Ridder, ON8WR

6th of August 2023
@BornHack

History of WLAN security

199x - 2018

IEE 802.11b

  • released in 1997
  • WEP
  • RC4 rolling key
  • under 10 minutes to crack

WPA

  • released in 2003
  • still uses RC4
  • different key per packet
  • old cards can be updated
  • WPA-Enterprise

WPA 2 - 802.11i

  • released in 2004
  • AES
  • offline brute-force attack
  • deauthentication attack

802.11w - MFP

  • Management Frame Protection
  • optional in WPA2

WPA3 - 2018

  • longer keys
  • MFP required
  • Simultanious Authentication of Equals
    • no offline attack

WPA3: Enhanced open

  • encrypts open Wi-Fi

WPA3: DPP

  • Device Provisioning Protocol
  • Replaces WPS
  • Onboarding IoT devices
    • QR-code with public key

Where to find the slides?

https://warddr.github.io/lightningtalk-WPA3/

license: CC BY-SA 4.0