you may be a lot less secure than you think. Well, every time you use the free wireless at your local Coffee Shop, or airport, or plane/bus etc. WPA3 is looking to address your local Coffee Shop’s security issues. So, even though the 4-way handshake gives us unique keying per-station per-connection (by using random numbers and including the MAC-address), we are all still starting off with the same seed key. The PMK, remember, is half of the PSK which, in turn, is calculated from a mixture of your SSID and the passphrase you used. They can use a dictionary attack, or a brute force attack to guess your PMK. Remember, a hacker can capture your traffic from your network, take it home, and work on it offline. Now, this is not as bad as everyone using the same key, but it’s still not good.Īnyway, not to worry, because you regularly change the PSK every 30 days, or so, and you always change it when anyone leaves the company, right? Umm, right? Erm, probably not. So, every time anyone logs onto your wireless network, they are using the same seed key. With PSK, the PMK (the head honcho, top dog, key) is calculated from the PSK (basically, the PSK is chopped in half). But all those PSK (WPA2-Personal) networks out there have a few challenges. If you have 802.1X/EAP/RADIUS (WPA2-Enterprise) configured (correctly) you can be quite smug, you have security. So, how is WPA3 more secure then WPA2? WPA3 is promising to improve security in multiple ways, over WPA2 There is a lot of buzz in the industry about WPA3 and, especially, after the scare we had with WPA2 (see our blog post: krack-hack-is-wpa2-dead/).
0 kommentar(er)
