le WPA3 arrive pour mieux sécuriser nos #WIFI

En octobre 2017, une méga-faille sur le coeur du protocole de communication WPA2 nous apprenait que les communications sans fil pouvait être aisément piratées. Sachant que le WPA2 est utilisé depuis 2004 par l’ensemble des composants et terminaux du cyber-espace, il est déjà clair que sa correction va prendre des années.

un petit clic pour ma veille

La situation n’est néanmoins pas désespérée car la Wi-Fi Alliance a annoncé la semaine passée sa nouvelle norme de sécurité de réseau sans fil WPA3.

L’une des améliorations clés de WPA3 vise le problème de sécurité des réseaux Wi-Fi ouverts. Habituellement,  ces réseaux Wi-Fi ouverts ne sont pas cryptés, ce qui permet à quiconque, sur le même réseau, d’intercepter les données envoyées par d’autres appareils. Ainsi, WPA3 utilise un cryptage de données individualisé, qui brouille la connexion entre chaque périphérique sur le réseau et le routeur.

Une autre amélioration clé de WPA3 protégera contre les attaques par dictionnaire en force brute. Le nouveau protocole de sécurité sans fil bloquera un attaquant après un trop grand nombre de tentatives d’échec du mot de passe.

Pour en savoir davantage sur ce nouveau standard:

Le communiqué de l’Alliance Wifi:

Wi-Fi Alliance® introduces security enhancements

Las Vegas, NV – January 8, 2018 – Wi-Fi Alliance ® introduces enhancements and new features for Wi-Fi Protected Access ®, the essential family of Wi-Fi CERTIFIED™ security technologies for more than a decade. Wi-Fi Alliance is launching configuration, authentication, and encryption enhancements across its portfolio to ensure Wi-Fi CERTIFIED devices continue to implement state of the art security protections.

Des articles en relation:

Wi-Fi Alliance Launches WPA2 Enhancements and Debuts WPA3

In a one-two punch, the Wi-Fi Alliance today introduced several key enhancements to its Wi-Fi Protected Access II (WPA2) security protocol and unveiled its next security protocol WPA3. « WPA2 has been around since 2003 and the Wi-Fi Alliance has constantly updated and enhanced it.

https://hotforsecurity.bitdefender.com/blog/wpa3-will-protect-weak-passwords-simplify-wi-fi-configuration-19423.html

http://www.zdnet.com/article/wpa3-wireless-standard-tougher-wifi-security-revealed/

 

WPA3 to feature much needed security enhancements – Help Net Security

The Wi-Fi Alliance, a non-profit organization that tests and slaps the « Wi-Fi Certified » logo on products that meet certain standards of interoperability, has announced enhancements for WPA2 and the imminent introduction of WPA3. WPA2 (Wi-Fi Protected Access II) is a security protocol widely used for securing wireless computer networks, and has been around for some 13-odd years.

Welcome to WPA3, the next step in Wi-Fi security

Nearly 14 years after it ratified WPA2 (Wi-Fi Protected Access 2), the Wi-Fi Alliance has given the world a peek at what might be coming next for wireless security.

et si vous aviez oublié la faille sur WPA2, voici un bref rappel :

‘All wifi networks’ are vulnerable to hacking, security expert discovers

The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness. Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.

Serious flaw in WPA2 protocol lets attackers intercept passwords and much more

Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

A major WPA2 security flaw puts almost every Wi-Fi device at risk

A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack. The bug, known as « KRACK » for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks.

 

Veilleur et spécialiste en cybersécurité

Newsletter

Me suivre: