5

I'm a beginner in WLAN security. I was going through various articles and noticed that WEP, WPA and even WPA2 (Hole 196) has some drawback.

I came to know that, if the Group Temporal Key is made unique for clients, then the Hole 196 vulnerability can be compromised.

Then, why is there no WPA3 still?

Gomu
  • 1,004
  • 5
  • 16
  • 36
  • "Why there is no WPA3?" - because nobody has made it yet? –  Jul 08 '13 at 18:55
  • @H2CO3 What I would like to know was, is any other factor that is hindering the development of WPA3? It can be otherwise stated as, what factor is stopping us from implementing the solution for WPA2 issue (unique GTK)? – Gomu Jul 08 '13 at 19:09
  • WPA2 is strong enough! except for hole 196, http://www.airtightnetworks.com/WPA2-Hole196 – Ishmeet Jul 09 '13 at 12:19
  • @Ishmeet Thanks for the link. But, what is the big deal about rectifying that problem? – Gomu Jul 09 '13 at 17:05
  • You can work on that idea if you want so ;) – Imad Oct 17 '13 at 15:25
  • ... aaaaaaaaaand this hole here: http://www.securityweek.com/researchers-outline-how-crack-wpa2-security – fatuhoku Mar 25 '14 at 21:16
  • 1
    [Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping](https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/) – Asbjørn Ulsberg Oct 16 '17 at 10:05

1 Answers1

0

WPA3 has been announced:

  • Uses a new handshake which won’t be vulnerable to dictionary attacks.
  • Features a 192-bit security suite aligned with the Commercial National Security Algorithm (CNSA) Suite that will protect government, defense, and industrial networks that have higher security requirements.

https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-introduces-wi-fi-certified-wpa3-security

parsley72
  • 8,449
  • 8
  • 65
  • 98