To better protect Wi-Fi networks, the new WPA3 security protocol was created in 2018. One of its core features is that it prevents a malicious individual from rapidly trying to guess your Wi-Fi password. This means that with WPA3 you can use simpler passwords but still enjoy strong security. Unfortunately, our research uncovered design flaws in WPA3 that still allowed a malicious individual to crack the password. To fix this vulnerability, including other flaws that we discovered, we collaborated with the industry. As a result, when you now buy a new Wi-Fi device that supports WPA3, it will include our fixes.
Recently, we also discovered security issues that affect all versions of Wi-Fi. A malicious individual that is within range of a victim’s Wi-Fi network can abuse these vulnerabilities to steal user information or attack devices. Some of these security issues are present in the design of Wi-Fi, and as a result, all Wi-Fi devices are affected by them. Surprisingly, the root cause of some of these issues was already present in the first version of Wi-Fi, meaning these flaws have been part of Wi-Fi since its release in 1997! To protect users, we collaborated with the industry to prepare updates that mitigate the impact of our discovered attacks. We therefore strongly remind everyone to regularly update their devices.
You can visit https://wpa3.mathyvanhoef.com and https://fragattacks.com for more information.