Your IT Consultant

More Problems for WPA3 WiFi Security

August 5, 2019

Two security researchers are giving the WiFi Alliance all kinds of fits. In April, they first disclosed five vulnerabilities in the WiFi Alliance's recently launched WPA3 WiFi security and authentication standard. The five vulnerabilities are collectively known as Dragonblood. Not to be outdone, the two researchers (Mathy Vanhoef & Eyal Ronen) recently disclosed two more vulnerabilities in the security recommendations the WiFi Alliance created for equipment vendors in order to mitigate the initial Dragonblood attacks. I guess those recommendations weren't very good. Vanhoef said the standard is being updated to address the latest findings. Perhaps the new standard will now be known as WPA3.1. The WiFi Alliance better listen to these guys. After all, they are also the ones that revealed the KRACK attack that broke WPA2.

We had hoped to see products implementing WPA3 by now, but it looks like the delay is a good thing. Let's hope the WiFi Alliance gets it right this time and we get some secure Wi-Fi products in our hands soon.

Email: Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com