9 new products for the enterprise from CES 2018

OK, this is a protocol, not a product, but it’s still important: Without it, you won’t be able to use many of the other new products securely.

First we had WEP to help us secure our Wi-Fi connections, then WPA, then WPA2. One by one, like dominos, they toppled, with WPA2 succumbing to KRACK (Key Reinstallation Attack) in October 2017. But don’t worry, the Wi-Fi alliance has a plan.

Two, in fact, and it presented them at CES. The first is to conduct additional testing to ensure existing systems are implementing WPA2 securely. The second is to introduce WPA3, an update to the security protocol that will begin appearing in new devices later this year. It will require a minimum of 192-bit encryption (compared to 128 bits in WPA2) and force devices to perform a handshake with the network at each attempt to guess a password in a bid to prevent offline assaults on passwords. To protect users on open networks from eavesdropping, it will encrypt traffic differently for each user even where no password is required to access the network.

And finally, to help secure Wi-Fi connected IoT sensors with a limited user interface, it will define a way to provision such devices by touching them with a smartphone or similar device.

Source link