Wi-Fi Protected Access (WPA) is a security standard for users of computing devices equipped with wireless internet connections. WPA was developed by the Wi-Fi Alliance to provide more sophisticated data encryption and better user authentication than Wired Equivalent Privacy (WEP), the original Wi-Fi security standard
Wi-Fi is the most popular means of communicating data wirelessly, within a fixed location. It’s a trademark of the Wi-Fi Alliance, an international association of companies involved with wireless LAN technologies and products.
To understand Wi-Fi,The main requirement is that there’s a device that can transmit the wireless signal, like a router, phone, or computer.
The router transmits an internet connection coming from outside the network, like an ISP, and delivers that service to nearby devices that can reach andconvert the wireless signal into datas.
How wifi works ?
WiFi network makes use of radio waves to transmit information across a network. The computer should include a wireless adapter that will translate the radio signals sent into data. This same signal will be transmitted, via an antenna, to a decoder known as the router. Once decoded, the data will be sent to the Internet through a wired Ethernet connection.
WiFi works on the same principle as other wireless devices – it uses radio frequencies to send signals between devices. The radio frequencies used in walky-talkies, car radios, cell phones are normally in the range of Kilohertz and Megahertz whereas in Wi-Fi they are Gigahertz. They are either 2.4 GHz or 5GHz in Wi-Fi.
WPA2
This is the latest security protocol developed by Wi-Fi Alliance.
The Personal mode and the Enterprise mode deploy encryption method. These are called AES-PEAP/CCMP to encrypt data transmitted over the air.Authentication code in Enterprise mode is different from personal mode.
WPA 2 Enterprise (ENT)
WPA2 Enterprise uses IEEE 802.1X, which offers enterprise-grade authentication. In this setup, there is no shared passphrase. The Enterprise mode of security enables to assign users a unique username and password to log into the Wi-Fi, if you implement the popular PEAP method.PEAP (Protected Extensible Authentication Protocol) is a version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.PEAP is designed to provide more secure authentication for 802.11x.
Benefits of WPA2-ENT
1.No shared passwords
2.Enables enhanced security methods
3.VLANs can be dynamically assigned
4.Supports Network Access Protection (NAP)
5.Authentication methods can be extended to the wired network
WPA3 uses four-way handshake technology to establish a connection that ensures the same password is being used by both client and access points when they join the network. WPA3 will also feature 192bit security suite aligned with the Commercial National Security Algorithm (CNSA) Suite that will protect the government, defense, and industrial networks that have higher security requirements.
WPA2 has been under attack,hacked too, including the WPA2 KRACK attack.There has been recent developmenst and Wi-Fi Alliance has addressed this by WAP3, released in June of 2018. It includes WPA3-Personal and WPA3-Enterprise versions.The Wi-Fi Alliance is in the early stages of developing a certification program known as Suite B for a set of encryption methods focused on encryption, key exchange, and related technologies for securing ultra-sensitive security domains. Suite B will likely be the next level of wireless protection.
According to the report published on CNET, WPA3 will block Brute-Force attacks. This new standard uses an old trick where an attacker can get thrown out after some incorrect login attempts and it blocks them completely after few guesses.Till then WPA2-ET is best possible Wi-Fi security option.