An open wireless network - one without any authentication or encryption allows anyone within range to intercept and view any other user's sent or received data. Today, it's likely that much of that data itself is encrypted as we secure TLS-secured web sites (HTTPS), use VPNs or other secure protocols and for that reason, using such services in a public or shared Wi-Fi facility is still acceptable.
Even using secure protocols over an unencrypted Wi-Fi connection does still expose various telemetry and parts of your activity footprint. The TLS handshakes themselves make it clear which web sites you're visiting. This means it's still far from ideal, but often a necessary compromise for the convenience. You can, of course, pass all of your services through a VPN - and that is recommended on any public network and using 2FA (two factor authentication) for any service that allows it is also recommended.
Within a corporate environment, however, less of the services will be secured by default - files loaded from your server, database access, printer data, telnet, FTP, internal email - all of those services may travel over your LAN and Wireless LAN in clear text. If you're using Wi-Fi there, encryption becomes essential.
Wi-Fi Protected Access or WPA was formally ratified in 2004 though it took a few years for it to become mainstream. Its predecessor, Wired Equivalent Privacy (WEP) was the previous 'standard' but by 2008 WPA had been partially cracked and soon after, off-the-shelf tools were available to crack it completely.
WPA2 has been promoted as the industry standard ever since, and our advice has always been to use it and never the older WEP or WPA protocols which are considered obsolete and insecure. Sometimes users are 'forced' to use the older WEP or WPA where they have very old hardware which doesn't support anything better. In those circumstances we'd recommend having a separate SSID for those devices so that devices which can use WPA2 can do so.
Fast forward to 2017 and, perhaps predictably, WPA2, the previous 'gold standard' was cracked. A researcher in the Netherlands (Mathy Vanhoef - remember the name, he'll be back...) published details of a vulnerability they named Krack. Krack was a vulnerability in WPA2 in the wireless clients (phones, laptops, printers etc.) not the Wi-Fi Base/router (unless it was set up as a client). Device manufacturers were able to issue firmware upgrades, however many devices, notably older ones or those no longer in production did not get patched firmware so WPA2 remains vulnerable to Krack there. As it's the client device that needed upgrading, patching the wireless AP or router wouldn't make any difference.
WPA3, the successor to WPA2 had already been ratified in 2017. WPA3 can provide these enhancements (not all are mandatory):
WPA3 is not universally supported yet but more new products will start to support it and some existing products through a firmware upgrade. We'd recommend you switch the WPA3 when your Wi-Fi base/router and client devices are able to support it, or consider upgrading them.
Any protocol, particularly one as universally used as the WPA family will always be subject to great scrutiny - by researchers (the good guys) or hackers/criminals or other bad actors. The fact that WPA3 is an open standard so clearly documented makes such scrutiny within the reach of anyone smart enough to understand the protocol and creative enough to see flaws.
By 2019, the first such flaws had already been found in WPA3 by...Mathy Vanhoef - yes, him again! This time he, together with another researcher, found flaws within WPA3's Dragonfly handshake released as 'Dragonblood'. Fortunately, the flaws were correctable (they were within implementations of the Dragonfly protocol, but not flaws in the protocol itself). As WPA3 is not widely supported yet, most new devices are likely to include fixes.
So, WPA3 is the latest and greatest Wi-Fi encryption system - there's nothing stronger for Wi-Fi and so we'd recommend its adoption when available (remember, your AP and your devices both need to support it). WPA2 does still provide security and should be used when WPA3 isn't an option. If you need a mixed mode environment, you can have mixed mode on a BSS but also you could consider separate SSIDs.
Even with WPA3 you can, of course, add additional protections such as always using secure transport protocols or using a VPN. If your organisation supports it (see later section).
WPA3-Enterprise
WPA3-Enterprise requires a back-end RADIUS server, the use of the 802.1x authentication method and mandates higher order (192-bit) encryption and other security enhancements including:
SAE vs. PSK
Earlier, we stated that WPA3 uses a method called Simultaneous Authentication of Equals (SAE), replacing the Pre-Shared Key (PSK) used in WPA2 and earlier. In both methods, users have a password to connect to the Wi-Fi network.
Where SAE and PSK differ is in their ability to protect against brute force attacks. With PSK and a relatively weak password, you could capture a load of wireless data and then run the dictionary attack on it offline - i.e. against the data set on a computer, not against the live wireless network itself. Once you have the password, you can then use it to connect to the live WLAN.
SAE authentication cannot work 'offline' - it has to operate on the live WLAN, so a brute force attack can be detected by an AP and shut off after only a few failed attempts.
How does a Wi-Fi brute force attack work?
If a hacker wants to access your network wirelessly, he/she will need its password. They might just be able to get it by seeing it written on a whiteboard, post-it note or by using another social engineering method. If they can't get the Wi-Fi password, just as if a burglar doesn't have a key to your apartment, he/she has to use brute force to get in.
When authenticating with a password protected network, the client doesn't send the actual password across the link as that would be easy to intercept before the encryption is active and make the encryption pointless (like saying a password out loud!). Instead, the AP router and client device both generate a code called the Preshared Master Key (PMK) using a process called Password-Based Key Derivation (PBKD). The PBKD function itself is computationally costly, deliberately, to increase the computational cost of brute-force attacks (i.e. you need a powerful computer to run attacks quickly enough).
The PMK is not sent across the link either. A 4-way handshake is performed in which both ends confirm that they know the same PMK without actually disclosing what it is across the link. The 4-way handshake sends a Message Integrity Code (MIC) value between the two ends. This type of key establishment is known as a Zero Knowledge Proof (ZKP). Both ends then generate a Pairwise Transient Key (PTK) which they use to actually encrypt your data.
A hacker wishing to attack your WLAN will firstly capture data from the live target wireless LAN. He/She can do that from anywhere that they can get a signal, so typically outside of your building. That capture includes the elements within the 4-way handshake which forms the ZKP routine. The 4-way handshake only occurs when a legitimate client authenticates so the capture must include a period when that occurs. Alternatively, one can run a de-authentication attack, forcing clients to reconnect and instigate the 4-way handshake again, for you to capture.
A dictionary is a large file of commonly used passwords (11111, password, qwerty, abc123 etc). A widely used (popular) such file contains 15 million used passwords and those 15 million can be run through very quickly. It's for that reason that you should use complex passwords - mixtures of words, numbers and symbols, e.g. "drAytek%_routERS" - if you made that up, it would be unique and never in any dictionary.
In the case of a dictionary attack, a password from the dictionary is read and the PMK and the PTK values are calculated for that password. The PTK is then used to calculate a MIC value. If the MIC value calculated is equal to that within the 4-way handshake, then you've got a match - you now know the wireless password.
Cracking a password using brute force is very complicated; requiring a detailed understanding of many different protocols and the underlying maths - it's simply beyond most people., However there are off-the-shelf tools, downloadable free of charge which automate the whole process. That make it easy for someone with little technical knowledge to crack a network. It does, however, still require a lot of computing power. This blog suggests it's many years even on a cloud GPU, which is beyond the casual hacker's means.
WPA2 was also vulnerable to the Krack attack - check that your wireless client has been updated to protect against that.
To protect against brute force attacks, use complex passwords - long, with mixed alphanumeric, upper/lower case and special characters and control who you give those passwords to or where they are written. In a corporate environment, you may also consider 802.1x/WPA-Enterprise methods.
The new WPA3 protocol, a replacement for the current wireless security method, WPA2, mitigates against brute force attacks by using a different cryptographic method, Simultaneous Authentication of Equals (SAE) whereby authentication has to happen on a live network, allowing any brute-force attacks to be actively observed & stopped by a wireless Access Point.
Tags