What's new

wpa3-Enterprise in asuswrt merlin

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

noe

New Around Here
Is there a chance that WPA3-Enterprise will be available on more devices especially on RT-AX58U? wpa3 Enterprise with its 3096 bit asymetric key aswell as a 192 bit symmetric key helps keeping data secure for longer than data secured with elliptic curves (as some studies show a Quantum Computer needs 4 times more qubits for RSA than ECC) - 100 million qubits needed to crack 2048bit RSA within one hour, with more efficient algorithms maybe less.
 
Last edited:
You need to ask ASUS, this is not something Merlin has any control over.
 
Well according to the shops website my device (RT-AX58U) officially supports wpa3-enterprise


ASUS say WPA3 PERSONAL.

Wifi and encryption are closed source code and not something Merlin can touch.
 
AFAIK the main difference between "enterprise" and "personal" mode is that the former requires a centralized RADIUS authentication server. You sure that is what you want? It seems like overkill for a home network.
 
A radius server is required and often separated, but i would like to have both router and Radius combined.
According to arubanetworks: WPA3-Enterprise 192-Bit Mode—Brings Suite-B 192-bit security suite that is aligned with Commercial National Security Algorithm (CNSA) for enterprise network. SAE-based keys are not based on PSK and are therefore pairwise and unique between clients and the AP. Suite B restricts the deployment to one of two options:

128-bit security

192-bit security without the ability to mix-and-match ciphers, Diffie-Hellman groups, hash functions, and signature modes)

It helps preventing more sophisticated attacks and has an increased keysize. If there is no chance for this i will wait for lifi to be standardised. Lifi dongle can be easily connected via lan port.
 
Last edited:
To be blunt, if I were running an installation where I thought that the difference between 128-bit and 192-bit keys was important, I would not be running it on consumer-grade gear. Look around you: half the people on these forums are using back-dated firmware because ASUS can't manage to ship a release that doesn't add about as many showstopper bugs as it subtracts. The unfixed-but-public CVEs in their installations are probably far more dangerous than not having the widest possible key size. Fortunately, most of us don't have blackhats for near neighbors, so it's not critical to have absolutely impregnable wireless security. But if that is your situation, this is not the gear to buy.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top