WPA3: a new generation in wifi security starts today


#1

Originally published at: https://boingboing.net/2018/06/26/forward-secrecy.html


#2

Why? What so special about WPA3 that it can’t be patched in? As someone that recently spent hundreds of dollars upgrading my home WiFi network, I say fuck that shit.

ETA: It looks like the vendor of my WiFi equipment (Ubiquiti) has stated they are investigating the feasibility of adding WPA3 support. Major props to them if they are able to add it without needing new hardware.


#3

Agreed. If this isn’t something that can’t be added in software/firmware, there are a lot of devices that will be left out in the cold. For example, there aren’t any new wifi cards being designed for the older mini-PCI-E slot. All new cards are in the newer M.2 format. So, older laptops simply aren’t upgradable–if hardware must be changed.

I really hope they though this through.


#4

Sadly, WPA3 was created using a closed process–no cryptographers or security researchers outside of the Wi-Fi Alliance could participate. Based on the track record of the Wi-Fi “security” standards we’ve gotten so far from this body, I expect there will be problems found in WPA3 soon after hardware starts shipping.


#5

Oh, crud biscuits.


#6

Looks like it.
Assuming that the idea is to get everybody to buy new gear.


#7

#8

LOL, that’s not what I meant. :slight_smile: But you’re probably right. sigh


#9

I suspect that it’s a combination of the fact that (especially if yo want high throughput on a battery-powered budget) you can’t, and vendors don’t, just implement wifi as SDR(there’s likely a lot of software-defined going on in there; but with the bottlenecks, which probably include cryptographic operations, backed by fixed function blocks). We saw a similar thing with the brief, risible, world of TKIP, where “Temporal Key Integrity Protocol” was a polite euphemism for “it’s WEP, because that’s all the hardware supports, but with the key changed hopefully more often than current attacks can infer it. Hopefully.”: Modifying devices to do WEP with more frequent re-keying didn’t require any new functionally, so it was doable for essentially everything not abandoned; but support of one of the non-ridiculous WPA modes required new hardware in most cases.

The fact that the Wifi Alliance is a trade group of wifi widget vendors probably doesn’t help; but any nontrivial tinkering with the cryptographic elements probably leaves a lot of hardware either incapable or(if the vendor felt like a bunch of hassle just to be assailed for lousy performance and high CPU utilization) firmware that stubs out most of the internal hardware and passes inputs to a pure software implementation of WPA3.

Team SDR and the security researchers would probably buy a dozen; but explaining to Joe User why “wifi” now works at a tenth the speed and requires all the power his phone can throw at it wouldn’t be a winner.


#10

Unlike the WEP reuse in TKIP, current hardware should at least have the ability to do AES-128. Given that the AES cypher family share their overall structure and only vary on a few things (# of rounds and some subtelties to the key schedule), there’s at least a good change that the hardware may be able to support AES-192, though at at least a 50% speed penalty.

The rest of the protocol was likely implemented in some kind of microcontroller built into the wifi hardware. And that may or may not have the memory space, performance, etc. to handle the new protocols added in WPA3. Also, we’re at the mercy of those vendors you mentioned who may not have much incentive to keep their old hardware going when they would rather sell you new. But that’s up to the vendor. The OEMs using those parts may have enough leverage to force the vendors to cough up support. (One can imagine that someone like Apple may decide they don’t want quite all of their old hardware to be left completely behind and push broadcom (or whomever makes their wifi) to support WPA3 on their existing hardware.

So, it’s possible, but it depends on way too many unknowns to be able to make a credible assertion as to how it will play out.

Being in the open source side of the world, I may have more luck than others as it may be possible to move some of the protocol tasks from the hardware and into either the driver or some other software layer on the computer. That was done before with crypto when moving to WPA/AES. Some older hardware that couldn’t do AES could be told to just pass encrypted frames up to the driver which would do the crypto in software. It took more CPU and added some latency to the process, but it allowed older hardware to be kept more secure and out of the dupster.


#11

Yet, somehow this new standard is being promoted by @doctorow as a Good Thing?

It truly is backwards day today.


#12

But will it blend?


#13

Obligs.


#14

The new standard is a package of changes including “fixing” WPS and some “protecting the user from themselves interface features”. The part of the standard that matters is switching from 128 to 192 bit AES, which is something Ubiquity, OpenWRT, etc will have no problem implementing. Perhaps there is some low grade hardware that won’t be able to do it.


#15


#16

Given that Apple recently got out of the router-making game, they don’t have any new hardware to push people into buying, and the hardware SKUs that do exist will likely get their standard 5 years of support. Whether that extends to new security standard support or just security fixes, I don’t know. Apple’s been on a pretty big privacy push of late that this would seem to fall right in line with, but I also wouldn’t be surprised if they just don’t have the team on staff anymore to bother with implementing WPA3 in their AirPort firmware.


#17

They might not be making routers, but they still make a whole bunch of client devices that use wifi (iPhones/pads/Macbooks etc). If they roll out an update that enables (eg) every recent iPhone to use WPA3, then there’ll be more pressure on manufacturers to put out WPA3 capable routers, as opposed to if they don’t introduce it until the next iPhone refresh.


#18

The change in encryption is a problem for a lot of home devices. Most of them have a dedicated bit of hardware to handle AES encryption and offloading the resource intensive task of encryption to software would break the backs of the low powered processors you typically find in consumer grade routers.


closed #19

This topic was automatically closed after 5 days. New replies are no longer allowed.