Why WPA3 is necessary to secure Wi-Fi 6 / 802.11ax networks

Following the disclosure of the KRACK vulnerability, WPA3 was developed to prevent "session replay" attacks. Aruba's Jeff Lipton explains the importance of WPA3 to Wi-Fi 6.

Why WPA3 is necessary to secure Wi-Fi 6 / 802.11ax networks

HPE Discover 2019, TechRepublic's James Sanders spoke with Aruba's Jeff Lipton about the importance of WPA3 to Wi-Fi 6. The following is an edited transcript of the interview.

Jeff Lipton: Let's talk a little bit about the security for Wi-Fi networks. I think some people will tell you that Wi-Fi networks are not as secure as 5G networks. Generally, that's not true. What that refers to are networks that are set up improperly. For example, a coffee shop network where there's no password protection. Of course, that's not going to be secure.

So let's take WPA3 off the table for a minute. If you talk about WPA2-Enterprise, if it's set up properly, it's a very secure network. What WPA3 gives you is better encryption, better authentication, and it also gives you OWE, which is a way to encrypt a conversation on non-protected communications, non-password protected communications. I think WPA2 was a huge success, but that was done several years ago. Security threats have evolved, networks have evolved, and we have to evolve as well to address those threats. That's what WPA3 does.

SEE: Vendor risk management: A guide for IT leaders (free PDF) (TechRepublic)

Interestingly, if you compare WPA3 security with LTE and 5G security, it's generally a little bit ahead as far as authentication, encryption, and things like that. I'd say that security for both is good, but the security for WPA3 is marginally better.

James Sanders: Do you think that there's going to be more of a need for--say yearly or quarterly updates to the way that devices connect to Wi-Fi networks, in order to address security issues in the way that Android phones are patched or Windows is patched?

Jeff Lipton: Yeah, so that remains to be seen. Right now it's my understanding that WPA3 is very solid, and if it's deployed, with WPA3 for the enterprise, it represents the state of the art in security right now. I think as security threats evolve, we have to evolve our responses to them and be even proactive about it. We'll have to do that. It's also interesting to mention that when you talk about LTE and 5G security, there are certainly stingray attacks, and there have been a lot of highly publicized breaches and attacks there too. Nothing is completely secure, but we're very confident and happy with the security levels provided by WPA3 now.

Also see