WPA3 Certification Open For Business

[thiggins]

Vanhoef has an updated, yet separate, post...

https://www.mathyvanhoef.com/2018/06/wpa3-missed-opportunity.html

Thanks, Sfx. I recommend anyone reading this thread go read that post. Now.

I think I may need to amend my statement that all new hardware will be required to move to WPA3. The most compute intensive part of WPA3, 192 bit encryption, is optional. And according to Vanhoef's post, is required only during authentication. That would not slow traffic.

Easy Connect and Enhanced Open are also not part of WPA3.

That leaves the new handshake. Any thoughts on how compute intensive that is?

I agree with Vanhoef's conclusion:

. It seems the Wi-Fi Alliance focused on keeping WPA3 easy to implement for vendors, but not on improving the security of users.

I'll go ask some vendors about their plans.

 

[umarmung]

Agreed. That's a major change.

I guess this will become very vendor and product line dependent.

WiFi feature support, especially in security, is already a mess. This is not going to help.

 

[RMerlin]

Modern wifi SoC tend to have their own CPUs. I suppose that in theory, some of these might get WPA3 support through a firmware update. I'm thinking for instance about the BCM4366E.

 

[sfx2000]

Modern wifi SoC tend to have their own CPUs. I suppose that in theory, some of these might get WPA3 support through a firmware update. I'm thinking for instance about the BCM4366E.

Most modern Broadcom chips have at least 2 ARM's - one to run the RTOS, managing things, and the other to handle the real-time stuff - this was found during the KRACK disclosures and investigations, and confirmed by various documents that Cypress released. Internally, many are either eCOS or ThreadX as the RTOS.

 

[thiggins]

The situation is more positive than I thought:
https://www.snbforums.com/threads/better-news-about-wpa3-device-support.47434/