Wireless Protected Access 3 (WPA3) is the latest security standard certification from Wi-Fi. It was observed that WPA2-Personal which is normally used in most home Wi-Fi networks was susceptible to offline dictionary attacks having weak passwords. A few vulnerabilities such as KRACK (Key re-installation attack) and HOLE196 (which allowed malicious clients to send group encrypted messages and cause Denial of Service) were also discovered for WPA2. To update the security standard and to overcome the above known issues, WPA3-Personal was introduced. WPA3-Personal in itself has had certain issues discovered but is considered to be more robust than WPA2-Personal.

WPA3-Personal uses Simultaneous Authentication of Equals (SAE) which uses the Dragonfly algorithm to provide a stronger password based security for personal networks. Do note that WPA3-Enterprise does not use SAE and uses certificate based mechanisms. The newer Wi-Fi and IEEE standards such as ieee 802.11be/WIFI7 mandate WPA3 security to be implemented for its operation.

We will look at the dragonfly handshake and how WPA3-Personal differs from WPA2-Personal in the coming articles.

WPA3 Personal Security changes