
ADNET – NEXT GENERATION OF WI-FI SECURITY 1

Next Generation of Wi-Fi Security

(January 2019)
Abstract
The Wireless Protected Access (WPA) is a security protocol and certification developed by the Wi-Fi Alliance and is of critical importance to almost all types of wireless communications, affecting individuals, businesses and organisations. In January 2018 the Wi-Fi Alliance announced WPA3, which includes numerous improvements over WPA2, which has existed in different variations since 2004. This paper will critically analyse the changes made in WPA3 to determine its success and identify any areas it could improve upon. The areas of focus will be encryption, authentication, passwords and connections.

Keywords
wpa2, wpa3, wireless security, SAE, IEEE 802.11, Wi-Fi, security analysis

---------------------------- ◆ ----------------------------

1 INTRODUCTION
Wireless communication usage continues to grow, as new technology is developed and the number of devices connected wirelessly grows. We can say without a doubt that wireless networks have changed the way people interact with each other, and that human-machine interaction is higher than ever and will probably increase further. But all this interconnectivity comes with a price in terms of security.

In June 2018 Wi-Fi Alliance announced the next generation Wi-Fi security WPA3 (Wi-Fi Alliance, 2018). A global study published by Kaspersky Lab in 2016 shows that nearly 70% of global Wi-Fi devices are encrypted with WPA2, but 22% are not using any encryption at all (Kaspersky Lab, n.d.). A survey by Legezo (2016) found that 53% of smartphone owners and 70% of tablet owners will use public Wi-Fi hotspots. Another survey conducted by OWI Labs shows that 81% will connect to a free public Wi-Fi, 18% will never connect and only 1% will connect with a VPN connection (Hughes, 2018). As new flaws are found in WPA2 the need for a new standard has become apparent. This paper will determine the extent of WPA3 improvements upon WPA2 and identify any shortcomings of the new protocol.

Figure 1 - Kaspersky Lab security of wireless networks

Because the Wi-Fi Alliance does not provide enough technical information about the incoming changes, this study is limited to data collection from other sources based on the incoming WPA3 protocol as well as our knowledge about Wi-Fi security.

2 RELATED WORK

2.1 Background

The current security protocol, WPA2, dates back to 2004, and since then security researchers have discovered a series of serious vulnerabilities affecting the Wi-Fi protocol. Despite numerous patches and updates, some of the WPA2 vulnerabilities were never fully resolved. One of the most notorious vulnerabilities is Key Reinstallation Attacks or ‘KRACK’ (Figure 2), which allows hackers to steal and intercept passwords as well as monitor user actions on the internet and replace messages/data (Balaban, 2018). Because the flaw is in the protocol and not within individual WPA2 implementations, all WPA2 networks are potentially vulnerable (Honeywell, n.d.).

Figure 2 - KRACK attack 4-way handshake

Another problem with WPA2 is that anyone on the same public network as the host device can observe the device activity and target it with intrusions like man-in-the-middle attacks or traffic sniffing. This problem has been exacerbated by a rise in public establishments offering free Wi-Fi to customers. It arises because of the use of a Pre-Shared Key (PSK). Everyone connecting to the network uses the same PSK and “Since the PSK is known by everyone, it is possible for a passive attacker to observe the 4-way handshake and compute the traffic encryption keys used by a client and access point (AP)” (Harkins & Kumari, 2017). This means that networks in places such as coffee shops that have the appearance of being secure are in reality just as vulnerable as open networks. However, with the current implementation of PSK authentication, brute force attacks can be deterred by using strong passwords (between 20 to 63 characters). In addition to protocol issues, bugs and exploits, we must consider user “laziness” as well. Many users are unaware of the importance of their data and use passwords that are easy to guess and vulnerable to brute force attacks.

ADNET – Next generation of Wi-Fi security | UP872413, UP834069, UP825804, UP781852

An analysis of worldwide leaked user passwords in 2017 shows that the average password length is only 8 characters (Statista, 2019). With faster and faster computers and increased access to the combined resources of distributed cloud computing, even passwords with high entropy can be cracked.

2.2 Current Solutions

WPA2 uses a pre-shared key (PSK) to authenticate and validate users connected to a network, and to create other encryption keys. Brute force attacks can be used to obtain the PSK; once the PSK is known an “attacker can connect to the network” and “decrypt passed captured traffic” (Dorai, 2018). Ultimately this means that any information transmitted on the network is exposed. This is a severe security risk for companies transmitting valuable information, which is why WPA2-Enterprise exists.

WPA2-Enterprise solves the problem of traffic sniffing with user authentication. However, this solution is not practical for places such as coffee shops, as it requires every user to possess login credentials and staff are unlikely to be trained in configuring a network.

Some businesses prioritise ease of use over security and just use open networks with no password protection or encryption of any kind. While this is more convenient, it is unwise, as traffic from sites not using https is transmitted in plain text and attackers will be able to access this easily without any protection measures on the network.

WPA2 using AES-based encryption converts plaintext into cipher text with a key length of 128 bits; this is somewhat secure but is vulnerable to brute force attacks.

2.3 Comparison

In order to determine if WPA3 improves network security, this paper will focus its analysis on two of the most important security measures implemented in WPA3: Simultaneous Authentication of Equals (SAE) and Opportunistic Wireless Encryption (OWE). Additionally, other important elements will be considered, such as encryption and communication.

WPA3 uses SAE in place of WPA2-PSK. SAE is a derivative of the Dragonfly-Handshake protocol, based on discrete logarithm cryptography, defined in RFC 7664 (Harkins D., 2015). SAE is secure against passive attacks, as successful attacks would have to solve the Computational Diffie–Hellman (CDH) problem, which is computationally infeasible (Harkins D., n.d.). There was some doubt that SAE could be proven to be secure against active attacks, but independent researchers Lancrenon, J & Skrobot, M proved that the IETF proposal of Dragonfly is sound (Lancrenon & Skrobot, n.d.). Since SAE is secured against both passive and active attacks, it is a clear improvement over WPA2-PSK, which is vulnerable to KRACK attacks.

To clients, OWE and open networks appear the same; there are no additional steps needed to connect to an OWE network compared to an open network. However, OWE encrypts traffic whereas open networks do not. Since OWE is as straightforward to use as open networks but offers improved security, it is an obvious improvement and should lead to the abandonment of open networks.

3 PROPOSED SOLUTIONS

Opportunistic Wireless Encryption (OWE) is a solution introduced in WPA3 where the connection will be automatically encrypted without the need for additional credentials. This means that all traffic in WPA3 networks will be automatically encrypted, regardless of whether or not password protection is used. We can say that it is a password-free encryption protocol.

This means that VPNs are not a necessity for encrypting traffic on public networks; the introduction of OWE allows regular people without any technical expertise to get the same protection against cyber criminals. However, OWE does not provide any privacy from the access point manager, whereas a VPN does.

Figure 3 - OWE Based authentication

Figure 4 - OWE association request and response

In Figure 3 and Figure 4 we can observe that OWE requires no additional frames to be exchanged in the association process, whereas WPA2 RSNA requires at least 10 frames to be exchanged. This is because OWE creates on-the-fly random credentials and generates PTK and GTK keys. OWE is also backwards compatible, as it does not require new hardware and no new encryption code is needed, since Diffie-Hellman is already widely implemented in protocols such as EAP key exchange (Guido R. Hiertz, Ericson et al., 2016). As shown in the diagrams above, OWE exchanges association requests and responses using the Diffie-Hellman key exchange. This means that eavesdroppers cannot calculate the PMK, explained with the following protocol.
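Added example (not part of the original paper): the two key derivations the paper contrasts, side by side. The WPA2 half uses the standard PBKDF2 and IEEE 802.11i PRF constructions; the passphrase, SSID, MAC addresses and nonces are constructed sample values, the function names are this example's own, and the Diffie-Hellman half uses the toy numbers from the paper's Alice and Bob walk-through plus one constructed pair of fresh secrets.

```python
import hashlib
import hmac


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal PMK: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def wpa2_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
             anonce: bytes, snonce: bytes) -> bytes:
    """IEEE 802.11i PRF-384 for CCMP; the 48-byte PTK is KCK | KEK | TK."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    blocks = [hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]),
                       hashlib.sha1).digest() for i in range(3)]
    return b"".join(blocks)[:48]


def ptk_from_observation(passphrase: str, seen: dict) -> bytes:
    """What any holder of the shared passphrase can compute: every field in
    `seen` crosses the air unencrypted (beacon + 4-way handshake messages 1-2)."""
    pmk = wpa2_pmk(passphrase, seen["ssid"])
    return wpa2_ptk(pmk, seen["ap_mac"], seen["sta_mac"],
                    seen["anonce"], seen["snonce"])


def dh_exchange(X: int, Y: int, a: int, b: int) -> dict:
    """Diffie-Hellman: X, Y, A and B are public; a and b never leave their owner."""
    A = pow(X, a, Y)          # Alice -> Bob
    B = pow(X, b, Y)          # Bob -> Alice
    return {"on_air": (X, Y, A, B),
            "alice_key": pow(B, a, Y),
            "bob_key": pow(A, b, Y)}


# Constructed sample values, not taken from any real network.
PASSPHRASE = "espresso-for-all"
HANDSHAKE = {
    "ssid": "CoffeeShopWiFi",
    "ap_mac": bytes.fromhex("02aabbccdd01"),
    "sta_mac": bytes.fromhex("02aabbccdd02"),
    "anonce": hashlib.sha256(b"constructed ANonce").digest(),
    "snonce": hashlib.sha256(b"constructed SNonce").digest(),
}


def demo() -> dict:
    client = ptk_from_observation(PASSPHRASE, HANDSHAKE)     # the client's own key
    bystander = ptk_from_observation(PASSPHRASE, HANDSHAKE)  # same inputs, same key
    paper = dh_exchange(5, 23, 6, 15)      # toy numbers from the paper's walk-through
    fresh = dh_exchange(5, 23, 9, 4)       # same X, Y; new secrets (constructed)
    return {"psk_keys_match": client == bystander,
            "paper": paper, "fresh": fresh}


if __name__ == "__main__":
    result = demo()
    print("WPA2-PSK: bystander derives the client's PTK:", result["psk_keys_match"])
    for name in ("paper", "fresh"):
        print(name, "on air:", result[name]["on_air"],
              "key:", result[name]["alice_key"])
```

The WPA2 pairwise key is a pure function of the shared passphrase and values visible on the air, so it offers no secrecy between users of the same network. The Diffie-Hellman key changes with every pair of secrets, and those secrets are never transmitted.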

Simultaneous Authentication of Equals (SAE) is a more robust handshake when the user password is less complex than the recommended complexity, and it is more resistant against offline dictionary attacks than WPA2, which is vulnerable to dictionary attacks. SAE offers a more secure PSK authentication by not sending the passphrase between 802.11 stations during the SAE exchange; therefore the passphrase is protected against brute-force dictionary attacks.

The SAE protocol has been defined for 802.11s since 2006 (Conner, Kruys, Kim, & Zuniga, 2006), and the handshake includes a Diffie-Hellman exchange, which is an algorithm to create a composite key. The key is created together, where parties do not know each other’s secret generated numbers, making offline dictionary attacks useless.

Figure 5 - SAE Authentication

In Figure 5 we can see a basic representation of how SAE authentication, association and the 4-way handshake work. For a better understanding of the SAE protocol we can look at the following example of a key creation between Alice and Bob, assuming that Eve (the hacker) will try to intercept the key. The table below (Figure 6) represents the known (red) and unknown (green) numbers and how Eve will intercept this communication.

Figure 6 - SAE Key creation

1. Two prime numbers are generated and Alice and Bob know both numbers (X = 5 and Y = 23).
2. Alice picks a secret number (a = 6) and computes $X^a \bmod Y$, sending the result as A = 8.
3. Bob picks a secret number (b = 15) and computes $X^b \bmod Y$, sending the result as B = 19.
4. Alice receives the number B from Bob and computes $B^a \bmod Y$.
5. Bob receives the number A from Alice and computes $A^b \bmod Y$.

We can write this as:

$$[X^a \bmod Y]^b \bmod Y = [X^b \bmod Y]^a \bmod Y$$

The answer will always be the same regardless of the order in which the exponentiation is done. Alice will never know the secret number of Bob and vice versa. The shared key is composed in steps 4 and 5 and no third party can read the key because the secret numbers (a, b) were never exchanged between Alice and Bob.

Encryption in WPA3 can either be 128-bit encryption for personal mode or 192-bit for WPA3-Enterprise, providing added protection, in addition to the authentication policies in the enterprise version. This new security enhancement is aimed at governments, high profile industries, defense departments or any other organization requiring a high security Wi-Fi (Geier, 2018). Compared to WPA2, which used CCMP/AES encryption, the new WPA3 uses GCMP-256 encryption; the previous encryption used by WPA2 was from the 802.11i protocol. This encryption limited the key length to 128 bits. The 192-bit mode is in line with the CNSA (Commercial National Security Algorithm). To give a better understanding of the key complexity, an 8-bit key has 256 possible combinations, a 128-bit key has 3.4 × 10^38 and a 192-bit key has 6.2 × 10^57. Of course these numbers are relevant in conjunction with a brute-force attack where every possible combination is tried one by one.

The new encryption in WPA3 ensures that the main key for the encryption is not sent over a network to another device, which in turn ensures that hackers can’t get access or figure out where the master key is hidden. Although the new encryption means only devices that support 802.11ac can use it, it’s simple to fix and install for users and the majority of new devices have this already.

The Wi-Fi communication standard designed by IEEE, 802.11ax, also known as the 6th generation of Wi-Fi, delivers more than a 35% increase in throughput by creating broader channels and splitting them into narrower sub-channels; in this way the total number of channels is increased, with a denser modulation, 1024-QAM compared with 256-QAM from 802.11ac. Currently the most common standard is 802.11ac (MU-MIMO), which allows the AP to send up to 4 streams simultaneously; 802.11ax will allow 8-stream operation using Orthogonal-Frequency-Division-Multiplexing (MIMO-OFDM), improving speed and stability of the connection in heavy interference environments (Quantenna, 2017). 802.11ax is designed to offer maximum forward and backward compatibility with 802.11a/n/ac devices and is fully backward-compatible with EDCA/CSMA access points (Cisco, 2018).

4 EVALUATION

The WPA3 protocol improves security and simplicity. All open access networks should employ OWE to better protect users. The aforementioned problems are solved, as staff do not need any technical knowledge to run an OWE network and customers do not need to worry about passwords. This will replace the “OPEN” authentication widely used with public networks. In other words, even if access to the network itself is not protected, the communication between user and AP is encrypted individually.

OWE is vulnerable to evil twin attacks, where an AP is cloned or imitated in an attempt to get users to connect to it instead of the real AP.

However, WPA3 requires the use of protected management frames, which prevent deauthentication attacks, a common technique employed by evil twins to get users to repeat the authentication process or to try and trick users into joining the fake network.

With the SAE protocol, brute force and offline attacks will come to an end despite the fact that a user could select a password that falls below the minimum recommended complexity. By allowing devices to authenticate without requiring a certificate (just the password), and by supporting forward secrecy, which means that encrypted data sent in the past will remain encrypted even if the password is compromised, the SAE protocol will improve the actual authentication methods.

Compared with the 4-way handshake used by WPA2, with SAE an attacker needs to interact with the network for every attempt at guessing the password.

5 CONCLUSION

Vanhoef, M states that WPA3 “is a missed opportunity that could have truly improved Wi-Fi security” (Vanhoef, 2018). His reasoning for this is that OWE and 192-bit encryption are not mandated, meaning vendors can advertise their products as WPA3 certified without including support for OWE or 192-bit encryption.

SAE is a mandated feature of WPA3; the introduction of SAE is a necessary improvement to prevent the KRACK attacks exploiting the weaker key exchange algorithm of WPA2. WPA3 mitigates the damage that might stem from weak passwords and protects against dictionary attacks by implementing the new SAE key exchange protocol.

Protected management frames are another mandated feature of WPA3, although WPA2 has also mandated support for them since the start of 2018. This feature complements OWE as it helps to protect against evil twin attacks; however, the Wi-Fi Alliance decided not to mandate support for OWE. This is a questionable decision because, despite the many security improvements it provides, vendors may decide not to implement it in order to reduce production costs. If OWE was mandated, then networks without authentication methods would be significantly more secure.

WPA2 will not be overtaken by WPA3 overnight, and we probably won’t see a broad rollout of WPA3 until late 2019/2020; an entire migration from WPA2 to WPA3 will take years. In the meantime the WPA2 protocol will remain widely used.

When a technology is used to connect billions of devices, it is inevitable that flaws are found, leaving devices vulnerable to attack. So even though WPA3 comes with many new features that increase security, users must remain cautious, as it is just a matter of time until new vulnerabilities are discovered.

REFERENCES

Balaban, D. (2018, Feb 15). Your Wi-Fi Can Be Hacked Due to WPA2 Protocol Vulnerability Called KRACK. Retrieved from Technology.Org: https://www.technology.org/2018/02/15/your-wi-fi-can-be-hacked-due-to-wpa2-protocol-vulnerability-called-krack/

Cisco. (2018). IEEE 802.11ax: The Sixth Generation of Wi-Fi. Retrieved from Cisco.com: https://www.cisco.com/c/dam/en/us/products/collateral/wireless/white-paper-c11-740788.pdf

Conner, S. W., Kruys, J., Kim, K., & Zuniga, J. C. (2006, Nov 13). Overview of the Amendment for Wireless Local Area Mesh Networking. Retrieved from IEEE802.org: http://www.ieee802.org/802_tutorials/06-November/802.11s_Tutorial_r5.pdf

Dorai, G. (2018, May 03). Greater Wi-Fi Adoption brings the need of higher security. Retrieved from Cisco Blogs: https://blogs.cisco.com/wireless/greater-wi-fi-adoption-brings-the-need-of-higher-security

Geier, E. (2018, Nov 2). What is WPA3? And some gotchas to watch out for in this Wi-Fi security upgrade. Retrieved from Network World: https://www.networkworld.com/article/3316567/mobile-wireless/what-is-wpa3-wi-fi-security-protocol-strengthens-connections.html

Guido R. Hiertz, Ericson et al. (2016, Mar 16). The benefits of Opportunistic Wireless Encryption. Retrieved from IEEE.org: https://mentor.ieee.org/802.11/dcn/16/11-16-0313-01-000m-the-benefits-of-opportunistic-wireless-encryption.pptx

Harkins, D. (2015, Nov). Dragonfly Key Exchange. Retrieved from Internet Research Task Force: https://tools.ietf.org/html/rfc7664

Harkins, D. E., & Kumari, E. W. (2017, Mar). Opportunistic Wireless Encryption. Retrieved from IETF.org: https://tools.ietf.org/html/rfc8110

Harkins, D. (n.d.). Dragonfly: A PAKE Scheme. Retrieved from IETF.org: https://www.ietf.org/proceedings/83/slides/slides-83-cfrg-0.pdf

Honeywell. (n.d.). Cyber Security Update. Retrieved from honeywellaidc.com: https://country.honeywellaidc.com/ja-JP/resources/publications/Publications/wi-fi-vulnerability-krack-security-notice-en.pdf

Hughes, N. (2018, Jun 28). Insights & Analyses. Retrieved from One World Identity: https://oneworldidentity.com/despite-security-risks-free-public-wi-fi-81-percent-still-connect-owi-labs-survey-finds/

Kaspersky Lab. (n.d.). Public WiFi Security. Retrieved from Kaspersky.com: https://usa.kaspersky.com/resource-center/preemptive-safety/public-wifi

Kohlios, C. P., & Hayajneh, T. (2018, Nov). A Comprehensive Attack Flow Model and Security Analysis for Wi-Fi and WPA3. Electronics, Volume 7 Issue 11. Retrieved from https://www.mdpi.com/2079-9292/7/11/284

Lancrenon, J., & Skrobot, M. (n.d.). On the Provable Security of the Dragonfly Protocol. Retrieved from University of Luxembourg: http://orbilu.uni.lu/bitstream/10993/24767/1/Dragonfly.pdf

Legezo, D. (2016, Nov 24). Research on unsecured Wi-Fi networks across the world. Retrieved from Kaspersky Lab: https://securelist.com/research-on-unsecured-wi-fi-networks-across-the-world/76733/

Quantenna. (2017, Jan 5). Quantenna Announces QSR5G-AX, an 802.11ax Dual 4x4 Wi-Fi Access Point Solution targeting the Mainstream Wi-Fi Segment. Retrieved from Quantenna.com: http://ir.quantenna.com/news-releases/news-release-details/quantenna-announces-qsr5g-ax-80211ax-dual-4x4-wi-fi-access-point?ReleaseID=1006628

Statista. (2019). Average number of characters of leaked user passwords worldwide as of 2017. Retrieved from Statista.com: https://www.statista.com/statistics/744216/worldwide-distribution-of-password-length/

Vanhoef, M. (2018, Jun 27). WPA3: A Missed Opportunity. Retrieved from MathyVanhoef.com: https://www.mathyvanhoef.com/2018/06/wpa3-missed-opportunity.html

Wi-Fi Alliance. (2018, Jun 25). Wi-Fi Alliance® introduces Wi-Fi CERTIFIED WPA3™ security. Retrieved from Wi-Fi.org: https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-introduces-wi-fi-certified-wpa3-security
