After 14 years WPA3 is coming this year to enhance Wi-Fi security

The Wi-Fi Alliance has announced WPA3, a new standard of Wi-Fi security features for users and service providers. This is welcome news, given that a Wi-Fi exploit was uncovered late last year which affected all modern Wi-Fi networks using WPA or WPA2 security encryption, letting attackers eavesdrop on traffic between computers and wireless access points. The new WPA3 features will include “robust protection” when passwords are weak, and will also simplify security configurations for devices that have limited or no display interface.

“Wi-Fi security technologies may live for decades, so it’s important they are continually updated to ensure they meet the needs of the Wi-Fi industry,” said Joe Hoffman from consulting firm SAR Insight & Consulting in a statement. The Wi-Fi Alliance is made up of companies including Apple, Intel, and Microsoft. For those who work in coffee shops and often use public Wi-Fi, WPA3 will also have individualized data encryption that will strengthen privacy in open networks. While there aren’t further details about that tool, security researcher Mathy Vanhoef suggests that might refer to Opportunistic Wireless Encryption, or encryption without authentication.

WPA2 uses a four-way handshake that ensures the same password is being used by both clients and access points when they join a Wi-Fi network. Vanhoef told ZDNet that the WPA3 standard will use a new handshake, which won’t be vulnerable to dictionary attacks. Further, WPA3 will also feature a 192-bit security suite aligned with the Commercial National Security Algorithm (CNSA) Suite that will protect government, defense, and industrial networks that have higher security requirements. The new security features will be available later in 2018.

Hopefully, that’s the last major wireless security bug we see for a long while (WPA2 is now about 14 years old). To ensure enhanced security, the Wi-Fi Alliance is building four major features into WPA3:

Robust protections even when users choose passwords that fall short of typical complexity recommendations.

A simplified process of configuring security for devices that have limited or no display interface.

Strengthened user privacy in open networks through individualized data encryption.

A 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, will further protect Wi-Fi networks with higher security requirements such as those in use in government, defense, and industrial sectors.

If you’re buying a new router or other network equipment later this year, you’ll want to look out for WPA3 certification. Android Police notes that your existing hardware may not receive WPA3 firmware updates because of the certification requirement, but that will largely depend on whether manufacturers care to take the effort to secure the devices they’ve already sold.

Comments

My Life as Information security engineer Chapter 1: Tools

Hi folks, here I am going to share the tools list that I am using in my daily life cycle. NMAP Nmap (“Network Mapper”) is a free and open-source (license) utility for network discovery and security auditing. Basically, I will use it to discover the open ports and closed ports where I did Port Mapping in firewalls. We can use this in the local network as well as in the WAN network. Also with help of the NSE script, we do multiple things like vulnerability check, exploitation, etc., Ref: http://www.piratesshield.com/2017/11/nmap-network-mapper-securtiy-scanner.html CURL and WGET curl is a tool to transfer data from or to a server, using one of the supported protocols (HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE). Normally using this tool to analyze the website headers when my web security device blocking some dynamic content websites and to create the Application signature in IPS. Wget using to download files directly instead of opening and surfing the brow

AquaSec Container Security Solution ( DevSecOps ) - A quickView

What is AquaSec? The Aqua Platform is the leading Cloud Native Application Protection Platform (CNAPP) and provides prevention, detection, and response automation across the entire application lifecycle to secure the supply chain, secure cloud infrastructure, and secure running workloads wherever they are deployed. Solutions : Cloud Native Security Platform CSPM Cloud Security Container Security Kubernetes Security Serverless Security Cloud VM Security Dynamic Threat Analysis (DTA) Container Vulnerability Scanning Aquasec offers a 14days trial to learn the container security / Automated DevSecOps. Use this link to get free trail Sign In | Aqua (aquasec.com) How to start with AquaSec? Once login into the portal click the nine dots in the left-side top > Aqua Hub Then click the "Integrations" The Integration page has a lot of options to connect your container Platform Choosing your platform provides the required key to integrate. (follow the OEM documents ) The

What is IP Obfuscation ? How it's working ? how to use Cuteit tool ?

What is IP Obfuscation? Which is a method to hide or convert a doted format IP address (e.g. 192.168.192.2) into an Integer or Hexadecimal value or Octal form by using some mathematical formula. It’s a kind of method to spoof the human eyes and web security services. dot format to Decimal Conversion piratesshield.com 👉 [172.67.129.3] to translate (172 x256 3 )+(67×256 2 )+(129×256 1 )+(3×256 0 ) = 2890105091 Now you can use https://2890105091 to access piratesshield.com This is one of the ways to do IP Obfuscation. The tool ‘ Cuteit ‘ is A simple python tool to help you to social engineer, bypass whitelisting firewalls, potentially break regex rules for command-line logging looking for IP addresses and obfuscate cleartext strings to C2 locations within the payload. HOW TO USE CUTEIT ? Download & Install Cuteit from the below link git : git clone https://github.com/D4Vinci/Cuteit.git Direct link: https://github.com/D4Vinci/Cuteit/archive/master.zip usage: Cu

PIRATESSHIELD

Search This Blog