(January 2019)
Abstract
The Wireless Protected Access (WPA) is a security protocol and certification developed by the Wi-Fi Alliance and is of critical importance to
almost all types of wireless communications, affecting individuals, businesses and organisations. In January 2018 the Wi-Fi Alliance announced WPA3. It
includes numerous improvements over WPA2, which has existed in different variations since 2004. This paper will critically analyse the changes made in
WPA3 to determine its success and identify any areas it could improve upon. The areas of focus will be encryption, authentication, passwords and
connections.
Keywords
wpa2, wpa3, wireless security, SAE, IEEE 802.11, Wi-Fi, security analysis
---------------------------- ◆ ----------------------------
1 INTRODUCTION
Wireless communication usage continues to grow, as new technology is developed and the number of devices connected wirelessly grows. We can say without a doubt that wireless networks have changed the way people interact with each other, and that human-machine interaction is higher than ever and will probably increase further. But all this interconnectivity comes with a price in terms of security.

In June 2018 Wi-Fi Alliance announced the next generation Wi-Fi security WPA3 (Wi-Fi Alliance, 2018). A study published by Kaspersky Lab in 2016 shows that nearly 70% of global Wi-Fi devices are encrypted with WPA2, but 22% are not using any encryption at all (Kaspersky Lab, n.d.). A survey by Legezo (2016) found that 53% of smartphone owners and 70% of tablet owners will use public Wi-Fi hotspots. Another survey conducted by OWI Labs shows that 81% will connect to a free public Wi-Fi, 18% will never connect and only 1% with a VPN connection (Hughes, 2018). As new flaws are found in WPA2 the need for a new standard has become apparent. This paper will determine the extent of WPA3 improvements upon WPA2 and identify any shortcomings of the new protocol.

Figure 1 - Kaspersky Lab global security of wireless networks

Due to the fact that Wi-Fi Alliance does not provide enough technical information about the incoming changes, this study is limited to data collection from other sources based on the incoming WPA3 protocol as well as our knowledge about Wi-Fi security.

2 RELATED WORK
2.1 Background

The current security protocol, WPA2, dates back to 2004 and since then security researchers have discovered a series of serious vulnerabilities affecting the Wi-Fi protocol. Despite numerous patches and updates some of the WPA2 vulnerabilities were never fully resolved. One of the most notorious vulnerabilities is Key Reinstallation Attacks or 'KRACK' (Figure 2), which allows hackers to steal and intercept passwords as well as monitor user actions on the internet and replace messages/data (Balaban, 2018). Because the flaw is in the protocol and not within individual WPA2 implementations, all WPA2 networks are potentially vulnerable (Honeywell, n.d.).

Figure 2 - KRACK attack 4-way handshake

Another problem with WPA2 is that anyone on the same public network as the host device can observe the device activity and target it with intrusions like man-in-the-middle attacks or traffic sniffing. This problem has been exacerbated by a rise in public establishments offering free Wi-Fi to customers. This problem arises because of the use of a Pre-Shared Key (PSK). Everyone connecting to the network uses the same PSK and “Since the PSK is known by everyone, it is possible for a passive attacker to observe the 4-way handshake and compute the traffic encryption keys used by a client and access point (AP)” (Harkins & Kumari, 2017). This means that networks in places such as coffee shops that have the appearance of being secure are in reality just as vulnerable as open networks. However, with the current implementation of PSK authentication, brute force attacks can be deterred by using strong passwords (between 20 to 63 characters). In addition to protocol issues, bugs and exploits we must consider the user “laziness” as well. Many users are unaware of the importance of their data and use passwords that are easy to guess and vulnerable to brute
force attacks.

ADNET – Next generation of Wi-Fi security | UP872413, UP834069, UP825804, UP781852

An analysis of worldwide leaked user passwords in 2017 shows that the average password length is only 8 characters (Statista, 2019). With faster and faster computers and increased access to the combined resources of distributed cloud computing even passwords with high entropy can be cracked.

2.2 Current Solutions

WPA2 uses a pre-shared key (PSK) to authenticate and validate users connected to a network, and also to create other encryption keys. Brute force attacks can be used to obtain the PSK, then once the PSK is known an “attacker can connect to the network” and “decrypt passed captured traffic” (Dorai, 2018). Ultimately this means that any information transmitted on the network is exposed. This is a severe security risk for companies transmitting valuable information, which is why WPA2-Enterprise exists.

WPA2-Enterprise solves the problem of traffic sniffing with user authentication. However this solution is not practical for places such as coffee shops as it requires every user to possess login credentials and staff are unlikely to be trained in configuring a network.

Some businesses prioritise ease of use over security and just use open networks with no password protection or encryption of any kind. While this is more convenient, it is unwise, as traffic from sites not using https is transmitted in plain text and attackers will be able to access this easily without any protection measures on the network.

WPA2 using AES-based encryption converts plaintext into cipher text with key lengths of 128; this is somewhat secure but is vulnerable to brute force attacks.

2.3 Comparison

In order to determine if WPA3 improves network security this paper will focus its analysis on two of the most important security measures implemented in WPA3: Simultaneous Authentication of Equals (SAE) and Opportunistic Wireless Encryption (OWE). Additionally other important elements will be considered, such as encryption and communication.

WPA3 uses SAE in place of WPA2-PSK. SAE is a derivative of the Dragonfly-Handshake protocol, based on discrete logarithm cryptography, defined in RFC 7664 (Harkins D., 2015). SAE is secure against passive attacks as successful attacks would have to solve the Computational Diffie–Hellman (CDH) problem, which is computationally infeasible (Harkins D., n.d.). There was some doubt that SAE could be proven to be secure against active attacks, but independent researchers Lancrenon, J & Skrobot, M proved that the IETF proposal of Dragonfly is sound (Lancrenon & Skrobot, n.d.). Since SAE is secured against both passive and active attacks it is a clear improvement over WPA2-PSK, which is vulnerable to KRACK attacks.

To clients OWE and open networks appear the same; there are no additional steps needed to connect to an OWE network compared to an open network. However OWE encrypts traffic whereas open networks do not. Since OWE is as straightforward to use as open networks but offers improved security it is an obvious improvement and should lead to the abandonment of open networks.

3 PROPOSED SOLUTIONS

Opportunistic Wireless Encryption (OWE) is a solution brought in WPA3 where the connection will be automatically encrypted without need for additional credentials. This means that all traffic in WPA3 networks will be automatically encrypted, regardless of whether or not password protection is used. We can say that it is a password-free encryption protocol.

This means that VPNs are not a necessity for encrypting traffic on public networks; the introduction of OWE allows regular people without any technical expertise to get the same protection against cyber criminals. However OWE does not provide any privacy from the access point manager, whereas a VPN does.

Figure 3 - OWE Based authentication

Figure 4 - OWE association request and response

In Figure 3 and Figure 4 we can observe that OWE requires no additional frames to be exchanged in the association process, whereas WPA2 RSNA requires at least 10 frames to be exchanged. This is because OWE creates on-the-fly random credentials and generates PTK and GTK keys. OWE is also backwards compatible as it does not require new hardware and no new encryption code is needed as Diffie-Hellman is already widely implemented in protocols such as EAP key exchange (Guido R. Hiertz, Ericson et al., 2016). As shown in the diagrams above, OWE exchanges association requests and responses using the Diffie-Hellman key exchange. This means that eavesdroppers cannot calculate the PMK, explained with the following protocol.