WiFi Alliance says new WPA3 wireless standard will focus on security

WPA2 was KRACKed last year

The WiFi Alliance has announced the new wireless standard, WPA3, at CES in Las Vegas. The new family of WiFi security technologies comes shortly after WPA2, which every wireless device in the world today uses, was found to be vulnerable to the KRACK exploit.

WPA3 will be launched later this year, with ‘a suite of features to simplify Wi-Fi security configuration for users and service providers', as well as four brand new capabilities.

Two of the new features will focus on protecting users that choose weak passwords (although we're not sure how yet); or have little experience in configuring security settings. This latter function is said to simplify the process of changing security for devices that have little or no display interface, like many IoT products.

WPA3 will also protect networks with higher security requirements - like government, military and industrial - through a 192-bit security suite, ‘aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems'.

Finally, another feature will focus on using individualised data encryption to raise privacy on open networks. Security researcher Mathy Vanhoef said that this might refer to Opportunistic Wireless Encryption:

WPA3, Vanhoef told ZDNet, will use a new handshake system, distinct from the current four-way shake used in WPA2.

The WiFi Alliance said that WPA2 will continue to be used in devices ‘for the foreseeable future'.