Published by the Wi-Fi Alliance in 2018, the WPA3 protocol is an updated version of the WPA2 protocol released in 2004. The update brings stronger protection of exchanges and follows the evolution of usage (proliferation of hotspots, IoT, …).
Despite the progress in security that WPA3 represents, some vulnerabilities are known: for example online dictionary attacks (SAE limits them to one password guess per exchange, and repeated attempts can be rate-limited or blocked with an IDS/IPS), and some of the FragAttacks vulnerabilities, which affect WPA3 as well as WPA2.
The initial version of WPA3 included all the features presented in this article; however the final certification only mandates SAE (together with Protected Management Frames). Implementing the other features is left to the manufacturers' discretion. DPP has its own certification.
OWE (Opportunistic Wireless Encryption)
Until the introduction of WPA3, public Wi-Fi networks were usually configured in open mode and therefore had no password. The good practice was to set up a captive portal to force people to authenticate. The fact that such a network is not protected exposes its users to two major risks: passive eavesdropping and man-in-the-middle attacks.
With OWE (RFC 8110), passive eavesdropping on traffic is ruled out. It describes a method for a client and an access point to establish an encrypted session from a Diffie-Hellman key exchange performed during association. The session keys are unique to each client and the whole process is transparent to the user, who still sees an "open" network. Note the limit: OWE encrypts but does not authenticate either side, so an active attacker who gets a client to associate with a rogue access point can still interpose; it addresses the first risk above, not the second.
DPP (Device Provisioning Protocol) / Easy Connect™
The DPP protocol addresses the security weaknesses of WPS (Wi-Fi Protected Setup) and facilitates the deployment of IoT devices. Unlike its predecessor, DPP allows devices to be provisioned onto the network without typing a password, by scanning a QR code or reading an NFC tag that carries the device's public bootstrapping key.
This feature is not mandatory for the WPA3 certification from the Wi-Fi Alliance; it belongs to the Wi-Fi CERTIFIED Easy Connect program.
Protected Management Frames (PMF)
One of the classic attack vectors against WPA2-Personal is the capture of the authentication exchange (the 4-way handshake), which later allows an offline dictionary attack to recover the PSK. To obtain it, the attacker sends spoofed deauthentication frames to force the client to start a new connection, thus generating the frames the attacker wants to capture.
Protection of management frames (IEEE 802.11w) is not a new feature of WPA3: it already existed as an option in WPA2, but WPA3 makes it mandatory. With PMF enabled, deauthentication and disassociation frames carry a message integrity check, so spoofed frames from an attacker are rejected by the client.
Simultaneous Authentication of Equals (SAE)
In order to overcome the above-mentioned attack, which consists in capturing the handshake and then breaking it offline with a dictionary, WPA3 uses a new key negotiation mechanism based on the Dragonfly exchange (a password-authenticated key exchange). During the negotiation, the password is never sent: each side only exchanges a commit (a scalar and a curve element blinded by random values) and a confirm, and one exchange lets an attacker test at most one password guess. The 4-way handshake still follows, but it is keyed by the PMK derived from SAE, so capturing it no longer gives an attacker anything to attack offline. This key exchange mechanism was originally specified for 802.11s mesh networks.
Contribution of elliptic curves
One of the first changes in WPA3 compared to WPA2 is key generation. WPA3 introduces elliptic curves in its Diffie-Hellman exchanges (ECDH, with the NIST P-256 curve as the mandatory group) to reduce the size of the keys and therefore the resources needed for the key exchange. For example, for a 128-bit security level (the level of AES-128), a Diffie-Hellman public key is 3072 bits with a Modular Exponential (MODP) group, against 256 bits with ECDH.
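The following is an added example, not code from the article or from any Wi-Fi stack: a pure-Python P-256 implementation used for both exchanges described above, the unauthenticated ECDH that OWE builds its session keys on and a simplified SAE/Dragonfly commit-and-confirm exchange. It is written from the protocol descriptions and is deliberately not conformant: the hashes and KDFs are placeholders for the HMAC-based ones in IEEE 802.11, the hunting-and-pecking loop is shortened, the scalar multiplication is not constant-time, and the MAC addresses and passwords are constructed test values. What it does show is the structure: the password only ever enters the derivation of the point PE, the commit carries `scalar = rand + mask` and `element = -mask * PE`, both sides arrive at `rand_ap * rand_sta * PE`, and a wrong password makes the confirm fail without revealing anything reusable offline.

```python
# Added example, not the article's code: P-256 ECDH (as used by OWE) and a simplified
# SAE/Dragonfly exchange. NOT conformant: hashes, KDFs and encodings are placeholders.
import hashlib, hmac, secrets

# NIST P-256 domain parameters (SAE/OWE group 19).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def ec_add(p1, p2):
    """Affine point addition on P-256; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 if p2 is None else p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time: demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def sha(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

# --- OWE: plain ECDH, neither side is authenticated ----------------------
def owe_keypair():
    priv = secrets.randbelow(N - 1) + 1
    return priv, ec_mul(priv, G)

def owe_pmk(priv, peer_pub):
    """Simplified PMK: hash of the shared point's x-coordinate."""
    return sha(b"OWE-demo", ec_mul(priv, peer_pub)[0].to_bytes(32, "big"))

# --- SAE / Dragonfly: commit, then confirm --------------------------------
def password_element(password, mac_a, mac_b):
    """Simplified hunting-and-pecking: map password + both MACs to a point PE.
    Real SAE runs a fixed number of iterations with an HMAC-based KDF."""
    hi, lo = max(mac_a, mac_b), min(mac_a, mac_b)
    for counter in range(1, 256):
        x = int.from_bytes(sha(hi, lo, password, bytes([counter])), "big") % P
        rhs = (pow(x, 3, P) + A * x + B) % P
        y = pow(rhs, (P + 1) // 4, P)  # modular sqrt, valid since P % 4 == 3
        if y * y % P == rhs:
            return (x, y)
    raise ValueError("no point found")

def sae_commit(pe):
    """Return private rand and the commit message (scalar, element).
    element = -mask*PE, so PE (hence the password) is never sent."""
    while True:
        rand = secrets.randbelow(N - 1) + 1
        mask = secrets.randbelow(N - 1) + 1
        scalar = (rand + mask) % N
        if scalar > 1:
            elem = ec_mul(mask, pe)
            return rand, (scalar, (elem[0], (-elem[1]) % P))

def sae_process(pe, rand, own_commit, peer_commit):
    """K = rand * (peer_scalar*PE + peer_element) = rand * peer_rand * PE."""
    peer_scalar, peer_element = peer_commit
    k = ec_mul(rand, ec_add(ec_mul(peer_scalar, pe), peer_element))
    keyseed = sha(k[0].to_bytes(32, "big"))
    ctx = ((own_commit[0] + peer_scalar) % N).to_bytes(32, "big")
    return sha(b"KCK", keyseed, ctx), sha(b"PMK", keyseed, ctx)  # (kck, pmk)

def encode(commit):
    scalar, (x, y) = commit
    return b"".join(v.to_bytes(32, "big") for v in (scalar, x, y))

def sae_confirm(kck, sta_commit, ap_commit):
    return hmac.new(kck, encode(sta_commit) + encode(ap_commit), "sha256").digest()

def sae_session(ap_password, sta_password, mac_ap=b"\x02" * 6, mac_sta=b"\x04" * 6):
    """Full exchange; returns (accepted, pmk_ap, pmk_sta, captured_transcript)."""
    pe_ap = password_element(ap_password, mac_ap, mac_sta)
    pe_sta = password_element(sta_password, mac_ap, mac_sta)
    r_ap, c_ap = sae_commit(pe_ap)
    r_sta, c_sta = sae_commit(pe_sta)
    kck_ap, pmk_ap = sae_process(pe_ap, r_ap, c_ap, c_sta)
    kck_sta, pmk_sta = sae_process(pe_sta, r_sta, c_sta, c_ap)
    conf_sta = sae_confirm(kck_sta, c_sta, c_ap)  # STA proves it knows the password
    accepted = hmac.compare_digest(conf_sta, sae_confirm(kck_ap, c_sta, c_ap))
    return accepted, pmk_ap, pmk_sta, encode(c_ap) + encode(c_sta) + conf_sta
```

Two things are worth trying with it. For OWE, generate a third key pair for an attacker and compute `owe_pmk(priv_sta, pub_attacker)`: it equals `owe_pmk(priv_attacker, pub_sta)`, which is exactly the rogue-AP situation OWE does not prevent, while a purely passive observer holding only the two public points has no private scalar to multiply with. For SAE, run `sae_session` twice with the same password and once with a different one on the station side: the first runs accept and yield identical PMKs, the last is rejected at the confirm step, and in all cases the returned transcript contains neither the password nor PE, so a captured exchange gives an offline attacker nothing to test guesses against.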
To go further:
WPA3, OWE and DPP | Hemant Chaskar | WLPC Phoenix 2019 | Wireless LAN Professionals