(Image credit: Actiontec)
The mandatory Simultaneous Authentication of Equals (SAE) method replaces WPA2's four-way session key generating "handshake" that was vulnerable to the KRACK attack and offers protection against dictionary attacks in general. Since it occurs only during the AP-STA authentication process, SAE doesn't significantly increase processor load.
The upshot is that this watered-down definition of WPA3 should be able to be added to devices that currently support WPA2. So rip-and-replacing all your current Wi-Fi gear to get improved security should not be necessary.
The "will they/won't they" (upgrade existing stuff) question now boils down to how vendors view the priority of supporting existing products vs. pumping out new stuff. So I asked Qualcomm, Linksys and NETGEAR for their official word on plans to support WPA3 on existing Wi-Fi products. The question posed to each was "Could you please comment on your plans to support WPA3 in existing products?".
Since Qualcomm is at the top (or bottom) of the Wi-Fi food chain, let's start with them.
This felt a little wiggly, so I asked for confirmation whether WPA3 will eventually be supported "in all Wi-Fi devices in Qualcomm's current catalog and going forward, both AP and STA (client) devices". The response:Qualcomm said:"Qualcomm expects to incorporate WPA3 security features into chipsets in summer 2018 for mobile devices beginning with the Qualcomm® Snapdragon™ 845 Mobile Platform and on all Wi-Fi networking infrastructure products. We are supporting WPA3 on new SW releases (per timeline indicated above). Any vendor who ports the latest SW release for any AP product we supply, will support WPA3. This would include IPQ40xx family."
Qualcomm said:"Any network infrastructure product (based on AR,QCA,IPQ chip/set) that ships, starting this summer, will support WPA3. Any mobile device SD845 or higher, supports WPA3."
Pretty encouraging, particularly since if Qualcomm doesn't upgrade drivers, ain't nothin' gonna happen downstream.
Next up, Linksys offered a definite maybe...
Linksys said:”Linksys plans to support next generation WPA3 security. This functionality is highly dependent on the Wi-Fi chipset provider, thus support will be on a case-by-case basis. If legacy products are supported, Linksys will deploy automatic firmware updates to all enabled products. In many cases, WPA3 support will be offered in newer chipset and products. More details will be released at time of availability.”
Finally, NETGEAR replied:
NETEAR said:"We (NETGEAR) are working with our partners integrating latest security protocol WPA3 in our home networking products. We will inform media and customers when this update is available. Based on our investigations, we deem that it’s highly likely that the majority of products should be able to make use of the feature by updating firmware on existing product.
WPA3 has two components – Personal and Enterprise. Our statements are only in context of Personal WPA3. Enterprise version is supposed to add 192-bit encryption and may impact hardware."
I belatedly reached out to ASUS and will update this post with their response when I receive it.