WEBVTT 0:00:02.840000 --> 0:00:07.900000 Hello and welcome to this video titled an overview of WPA3. 0:00:07.900000 --> 0:00:10.280000 Let's go over the topics I'm going to cover. 0:00:10.280000 --> 0:00:13.460000 I'm going to start with why did we need another WPA. 0:00:13.460000 --> 0:00:16.760000 We already had WPA and WPA2. 0:00:16.760000 --> 0:00:19.180000 Why do we need WPA3? 0:00:19.180000 --> 0:00:22.720000 I'm going to do an introduction to WPA3 and show you where it fits in 0:00:22.720000 --> 0:00:25.380000 a timeline of Wi-Fi security. 0:00:25.380000 --> 0:00:30.020000 We're going to go over the differences between WPA3 personal and WPA3 0:00:30.020000 --> 0:00:36.680000 enterprise and finish up with some other WPA3 optional enhancements. 0:00:36.680000 --> 0:00:41.900000 So why did we need another Wi-Fi protected access? 0:00:41.900000 --> 0:00:46.820000 Well, one of the big reasons is that Wi-Fi protected access two, or WPA2, 0:00:46.820000 --> 0:00:56.760000 was introduced a long time ago, and the landscape of Wi-Fi has significantly 0:00:56.760000 --> 0:00:59.120000 changed in that time. 0:00:59.120000 --> 0:01:03.080000 For example, as it says here, users now are much more mobile, quickly 0:01:03.080000 --> 0:01:05.800000 bouncing from one wireless network to another. 0:01:05.800000 --> 0:01:10.680000 Now we have a lot more internet of things devices such as refrigerators 0:01:10.680000 --> 0:01:16.100000 and thermostats and cameras, which don't necessarily have a GUI or command 0:01:16.100000 --> 0:01:20.740000 line in order to connect to a Wi-Fi network. 0:01:20.740000 --> 0:01:22.920000 And people expect encryption. 0:01:22.920000 --> 0:01:26.340000 When people connect to a Wi-Fi network, they want to feel protected. 0:01:26.340000 --> 0:01:29.400000 They want to feel that their data is confidential. 
0:01:29.400000 --> 0:01:33.220000 And the idea of connecting to an open network that is completely open, 0:01:33.220000 --> 0:01:36.220000 no password, no encryption makes people nervous. 0:01:36.220000 --> 0:01:37.800000 It certainly makes me nervous. 0:01:37.800000 --> 0:01:41.500000 So people want Wi-Fi encryption even over those types of networks like 0:01:41.500000 --> 0:01:43.620000 they have at airports and restaurants. 0:01:43.620000 --> 0:01:49.900000 So Wi-Fi protected access three was developed to give us answers to some 0:01:49.900000 --> 0:01:51.200000 of these problems. 0:01:51.200000 --> 0:01:53.320000 So let's talk about it. 0:01:53.320000 --> 0:01:58.520000 So WPA3 adds several new features to WPA. 0:01:58.520000 --> 0:02:02.420000 Still retains the concepts of personal and enterprise, but there are different 0:02:02.420000 --> 0:02:04.760000 features available in each one of those. 0:02:04.760000 --> 0:02:07.680000 Now let's see where this fits on the timeline of things before we actually 0:02:07.680000 --> 0:02:10.260000 dig into some of those features. 0:02:10.260000 --> 0:02:17.220000 So we know that WPA was based on a draft of 802.11i. 0:02:17.220000 --> 0:02:22.300000 Then when 802.11i became standard and ratified in 2004, they upgraded 0:02:22.300000 --> 0:02:28.380000 WPA to match everything that was in the standard version of 11i, and that 0:02:28.380000 --> 0:02:35.400000 became WPA2. Then three years later, all those clauses like 802.11i and 0:02:35.400000 --> 0:02:40.620000 B and G were rolled up into a revised version of 802.11. 0:02:40.620000 --> 0:02:42.680000 That was in 2007. 0:02:42.680000 --> 0:02:52.840000 Now in 2009, 802.11s with SAE, SAE stands for simultaneous authentication 0:02:52.840000 --> 0:02:56.460000 of equals. We'll talk a little bit more about that. 0:02:56.460000 --> 0:02:57.740000 But that draft was approved. 0:02:57.740000 --> 0:02:59.860000 Now what was that? 
0:02:59.860000 --> 0:03:04.980000 Well, normally when we think of Wi-Fi, we think of it from the context 0:03:04.980000 --> 0:03:10.440000 of a client like a laptop or a PC or a tablet connecting to an access 0:03:10.440000 --> 0:03:14.860000 point. And then once you connect to the access point, Wi-Fi is done and 0:03:14.860000 --> 0:03:18.280000 now your frames get onto the wired Ethernet network. 0:03:18.280000 --> 0:03:21.360000 But in some cases, that's not possible. 0:03:21.360000 --> 0:03:24.980000 For example, think of a scenario where you might be sitting out in a park 0:03:24.980000 --> 0:03:32.040000 somewhere. So this is you with your laptop and maybe there's a telephone 0:03:32.040000 --> 0:03:38.260000 pole in that park and a telephone pole has an access point on it. 0:03:38.260000 --> 0:03:42.300000 Now maybe we can run some power up to that access point, but there's no 0:03:42.300000 --> 0:03:46.140000 way for us to connect an Ethernet cable from that access point to the 0:03:46.140000 --> 0:03:50.320000 switch because the switch might be just too far away to get to. 0:03:50.320000 --> 0:03:54.060000 So in this type of environment, we might see that actually that access 0:03:54.060000 --> 0:03:59.860000 point is connected to you and is connected to another access point, which 0:03:59.860000 --> 0:04:02.140000 is connected to another access point. 0:04:02.140000 --> 0:04:06.460000 And then maybe this access point is then connected to an access point 0:04:06.460000 --> 0:04:08.220000 that's on top of a building. 0:04:08.220000 --> 0:04:12.240000 Here's an AP up here. 0:04:12.240000 --> 0:04:16.560000 And this one is connected to the wired distribution system. 0:04:16.560000 --> 0:04:21.700000 So all of these access points are connected to each other in what's called 0:04:21.700000 --> 0:04:25.300000 a mesh network. We call this wireless mesh. 
0:04:25.300000 --> 0:04:29.480000 So you send your data the first one and that goes the second one, third 0:04:29.480000 --> 0:04:33.020000 one, fourth one before it finally gets onto the wired distribution system. 0:04:33.020000 --> 0:04:45.140000 Now with wireless mesh, some people said, you know what? 0:04:45.140000 --> 0:04:47.500000 We can run some of these networks and screwing all this up. 0:04:47.500000 --> 0:04:52.320000 And not only that, but we want to have some sort of routing with this 0:04:52.320000 --> 0:04:56.120000 to where we can route the stuff from the closest access point to the next 0:04:56.120000 --> 0:04:57.460000 closest access point. 0:04:57.460000 --> 0:05:00.680000 That's what 802.11s was all about. 0:05:00.680000 --> 0:05:05.220000 It was all about how do we get Wi-Fi mesh routing in place and how do 0:05:05.220000 --> 0:05:06.720000 we make this more secure? 0:05:06.720000 --> 0:05:11.400000 So the security component utilized something called simultaneous authentication 0:05:11.400000 --> 0:05:16.480000 of equals. It was a much more secure form for two devices to authenticate 0:05:16.480000 --> 0:05:19.560000 with each other than had previously existed. 0:05:19.560000 --> 0:05:22.940000 So that's what 802.11s was all about. 0:05:22.940000 --> 0:05:25.880000 So what does that have to do with what we're talking about here? 0:05:25.880000 --> 0:05:33.300000 Well, in 2012, 802.11n was updated again. 0:05:33.300000 --> 0:05:35.560000 So this was the second time that had been updated. First 0:05:35.560000 --> 0:05:38.940000 it was 2007. Actually, it might even have been a little bit before that. 0:05:38.940000 --> 0:05:40.000000 Then it was 2012. 0:05:40.000000 --> 0:05:49.160000 2012, 802.11 incorporated 802.11s, which had this simultaneous authentication 0:05:49.160000 --> 0:05:51.460000 of equals in it. 0:05:51.460000 --> 0:05:56.300000 And the Wi-Fi alliance in 2018 said, you know what? 
0:05:56.300000 --> 0:05:59.460000 That sounds like a real smart way of doing security, even between like 0:05:59.460000 --> 0:06:02.580000 a laptop and an access point and a typical wireless LAN. 0:06:02.580000 --> 0:06:09.100000 So they came up with WPA3, which among other things utilizes this much 0:06:09.100000 --> 0:06:13.680000 stronger form of authentication called simultaneous authentication of 0:06:13.680000 --> 0:06:16.980000 equals. So now let's go into some of the differences here. 0:06:16.980000 --> 0:06:21.660000 Let's start with WPA3 personal, since the personal editions of all forms 0:06:21.660000 --> 0:06:29.360000 of WPA are much more popular than the enterprise editions. 0:06:29.360000 --> 0:06:34.900000 So WPA3 provides more robust password-based authentication even on networks 0:06:34.900000 --> 0:06:40.120000 with weak passwords because we don't have to deal with pre-shared key anymore. 0:06:40.120000 --> 0:06:44.560000 Now we deal with simultaneous authentication of equals. 0:06:44.560000 --> 0:06:48.300000 Now that still might be based on a shared key. 0:06:48.300000 --> 0:06:50.340000 You might still be given a passphrase or something. 0:06:50.340000 --> 0:06:55.580000 But the actual way that that passphrase is used to authenticate you is 0:06:55.580000 --> 0:06:58.480000 completely different than pre-shared key. 0:06:58.480000 --> 0:07:03.100000 Simultaneous authentication of equals is actually a very complicated process, 0:07:03.100000 --> 0:07:06.320000 much more physics and everything than I'm going to go into right here 0:07:06.320000 --> 0:07:08.180000 in math. But just take it from me. 0:07:08.180000 --> 0:07:12.380000 It's a very secure way of doing authentication. 
0:07:12.380000 --> 0:07:15.820000 It also protects against offline dictionary attacks, where someone could 0:07:15.820000 --> 0:07:20.600000 just collect a bunch of your Wi-Fi data over like maybe 30 or 40 minutes 0:07:20.600000 --> 0:07:24.260000 or an hour, take it back home, and start trying to crack into it with 0:07:24.260000 --> 0:07:26.960000 just a combination of various random passwords. 0:07:26.960000 --> 0:07:30.880000 That's what we mean by an offline dictionary attack. 0:07:30.880000 --> 0:07:35.640000 And the per user encryption keys are not linked to the shared passphrase. 0:07:35.640000 --> 0:07:36.600000 This is a big difference. 0:07:36.600000 --> 0:07:42.440000 You see with WPA and WPA2, personal editions, when you had the shared 0:07:42.440000 --> 0:07:45.580000 passphrase that everybody in the coffee shop or everybody in the office 0:07:45.580000 --> 0:07:50.100000 had to know, your encryption keys, even though they might be changing 0:07:50.100000 --> 0:07:54.680000 over time, were all based on that pre-shared passphrase. 0:07:54.680000 --> 0:07:58.140000 So if you were really smart in like a math major in college or something, 0:07:58.140000 --> 0:08:02.100000 you could figure out a way to crack that encryption. 0:08:02.100000 --> 0:08:06.560000 Well, in WPA3, personal, it's all changed. 0:08:06.560000 --> 0:08:09.100000 That's not the case anymore. 0:08:09.100000 --> 0:08:13.200000 WPA3 also implements something called forward secrecy. 0:08:13.200000 --> 0:08:16.460000 This is just a sort of a high-level concept of what it means in forward 0:08:16.460000 --> 0:08:20.880000 secrecy. It means, hey, if someone manages to capture one of your packets 0:08:20.880000 --> 0:08:26.660000 and somehow they managed to crack what the encryption key was used to 0:08:26.660000 --> 0:08:31.200000 encrypt that packet, it's only going to help them on that one packet. 0:08:31.200000 --> 0:08:35.580000 All forward packets after that are still secret. 
0:08:35.580000 --> 0:08:41.600000 So that's what we call forward secrecy, and WPA3 has that. 0:08:41.600000 --> 0:08:47.120000 WPA3 also required that you use something called protected management 0:08:47.120000 --> 0:08:53.300000 frames. So in the world of 802.11 wireless, frames are divided up into 0:08:53.300000 --> 0:08:54.660000 three general categories. 0:08:54.660000 --> 0:08:58.900000 We have your data, which is like it sounds, carrying your data. 0:08:58.900000 --> 0:09:02.460000 We have management frames, which are used to manage the wireless LAN, like 0:09:02.460000 --> 0:09:08.560000 beacons, probe requests, authentication messages, and association messages. 0:09:08.560000 --> 0:09:12.840000 And then we also have control frames, like clear to send and request to 0:09:12.840000 --> 0:09:23.200000 send. Now, while the data might be encrypted, if you're doing WPA2 or 0:09:23.200000 --> 0:09:29.900000 WPA2, well, let's just stick with WPA and WPA2, the control and management 0:09:29.900000 --> 0:09:32.060000 frames were never encrypted. 0:09:32.060000 --> 0:09:34.220000 Those were always in the plain text. 0:09:34.220000 --> 0:09:37.260000 And this is what allows someone to insert a rogue access point and do 0:09:37.260000 --> 0:09:41.240000 all sorts of weird, funky stuff, like saying, hey, I'm the real payroll 0:09:41.240000 --> 0:09:45.340000 network. Or hey, I'm Bob, and goodbye, I'm leaving right now. 0:09:45.340000 --> 0:09:47.620000 Meanwhile, Bob's wondering what happened to my Wi-Fi network. 0:09:47.620000 --> 0:09:49.260000 I just got kicked off. 0:09:49.260000 --> 0:09:53.240000 So, protected management frames said, we're going to take a couple of 0:09:53.240000 --> 0:09:58.540000 those management frames, specifically the de-association frame and the 0:09:58.540000 --> 0:10:00.540000 de-authentication frame. 0:10:00.540000 --> 0:10:02.200000 And we're going to encrypt those. 
0:10:02.200000 --> 0:10:07.500000 So now, if I join a wireless LAN, if I somehow managed to discover that 0:10:07.500000 --> 0:10:13.840000 Bob is on the same wireless LAN with WPA and WPA2, if I didn't like Bob, 0:10:13.840000 --> 0:10:18.300000 I could send to the access point, I could pretend to be Bob, you know, 0:10:18.300000 --> 0:10:21.760000 change my MAC address and whatever, pretend to be him, and now send to 0:10:21.760000 --> 0:10:25.480000 the access point a message saying, hey, I'm deauthenticating, I'm 0:10:25.480000 --> 0:10:27.460000 de-associating, I'm leaving. 0:10:27.460000 --> 0:10:29.200000 And what happens to the real Bob? 0:10:29.200000 --> 0:10:31.720000 He's now been kicked off the wireless LAN because the access point has 0:10:31.720000 --> 0:10:32.720000 just released him. 0:10:32.720000 --> 0:10:37.000000 Well, with WPA3, they said, hey, you need to use protected management 0:10:37.000000 --> 0:10:41.360000 frames, which means those two frame types, de-authentication and de-association, 0:10:41.360000 --> 0:10:43.080000 are now encrypted. 0:10:43.080000 --> 0:10:46.200000 Somebody can't spoof you and kick you off. 0:10:46.200000 --> 0:10:50.020000 So, WPA3, personal, required that. 0:10:50.020000 --> 0:10:53.100000 What about WPA3 enterprise? 0:10:53.100000 --> 0:10:56.480000 That also required the use of protected management frames, and it now 0:10:56.480000 --> 0:10:59.200000 introduced a brand new security method. 0:10:59.200000 --> 0:11:06.340000 And this is a mouthful here, a minimum of 192-bit encrypted keys that, 0:11:06.340000 --> 0:11:10.200000 quote unquote, aligns with the recommendations from the commercial national 0:11:10.200000 --> 0:11:15.420000 security algorithm suite, commonly in place with high security Wi-Fi networks 0:11:15.420000 --> 0:11:20.140000 and government defense, finance, and industrial verticals. 
0:11:20.140000 --> 0:11:25.500000 That's a short way of saying that this is a, even more than AES, this 0:11:25.500000 --> 0:11:29.360000 is a much more secure encryption cipher that's used by like the national 0:11:29.360000 --> 0:11:35.460000 security agency, government contractors, you know, spies, whatever you 0:11:35.460000 --> 0:11:38.520000 want to say. So, this is much more secure than the previous encryption 0:11:38.520000 --> 0:11:42.560000 suites that were used before this. 0:11:42.560000 --> 0:11:48.120000 Now, WPA3 also has some additional enhancements there along with it, which 0:11:48.120000 --> 0:11:49.600000 make it kind of cool. 0:11:49.600000 --> 0:11:53.260000 We've got something called Wi-Fi enhanced open. 0:11:53.260000 --> 0:11:57.560000 Now, this utilizes something called opportunistic wireless encryption. 0:11:57.560000 --> 0:11:58.920000 Now, here's the real cool thing about this. 0:11:58.920000 --> 0:12:00.280000 What does this do? 0:12:00.280000 --> 0:12:05.020000 It allows for encrypted Wi-Fi sessions over open networks that don't even 0:12:05.020000 --> 0:12:06.640000 use a passphrase. 0:12:06.640000 --> 0:12:08.620000 So, think about this. 0:12:08.620000 --> 0:12:10.980000 Right now, maybe you're in an airport. 0:12:10.980000 --> 0:12:12.620000 This is a very common scenario. 0:12:12.620000 --> 0:12:14.680000 You're in an airport, you're sitting in the lounge, you're waiting for 0:12:14.680000 --> 0:12:19.060000 your flight. The airport is advertising free Wi-Fi. 0:12:19.060000 --> 0:12:21.640000 Now, the airport probably doesn't even have a password. 0:12:21.640000 --> 0:12:23.460000 There's no way they could post that everywhere. 0:12:23.460000 --> 0:12:24.700000 So, they just say free Wi-Fi. 0:12:24.700000 --> 0:12:30.220000 So, you check your Wi-Fi, you say, oh, there's R-U airport, click on that. 0:12:30.220000 --> 0:12:32.120000 No passphrase necessary. 0:12:32.120000 --> 0:12:33.180000 You're connected. 
0:12:33.180000 --> 0:12:36.040000 Now, that is completely unsecured. 0:12:36.040000 --> 0:12:38.100000 There's nothing being encrypted. 0:12:38.100000 --> 0:12:42.300000 So, anybody with a Wi-Fi sniffer can see everything that's going on in 0:12:42.300000 --> 0:12:46.200000 that airport and see everybody's frames in plain text. 0:12:46.200000 --> 0:12:50.920000 But, with WPA3, they now found a way to get around that. 0:12:50.920000 --> 0:12:55.100000 Even in wireless LANs like that that don't have a password at all, you 0:12:55.100000 --> 0:12:59.620000 connect to it and magically, behind the scenes, your data is actually 0:12:59.620000 --> 0:13:02.960000 being encrypted between you and the access point. 0:13:02.960000 --> 0:13:09.740000 Now, at first, I thought to myself, wow, how do they do that? 0:13:09.740000 --> 0:13:13.760000 Because as we know, up until now, you at least needed a pre-shared key 0:13:13.760000 --> 0:13:18.080000 or something to base your encryption keys off of. 0:13:18.080000 --> 0:13:23.840000 How do I encrypt my laptop and the access point if I'm not providing anything? 0:13:23.840000 --> 0:13:27.340000 So, I looked that up, I'll tell you what, it basically fried my brain 0:13:27.340000 --> 0:13:28.460000 to see how that worked. 0:13:28.460000 --> 0:13:32.480000 I don't understand it, it's far more math and calculus than I care about. 0:13:32.480000 --> 0:13:35.820000 It uses something called Diffie-Hellman, which is also used in other areas 0:13:35.820000 --> 0:13:40.340000 of security. Just trust me, it's complicated, but it works. 0:13:40.340000 --> 0:13:42.920000 It's a very cool thing and that will start getting rolled out in the next 0:13:42.920000 --> 0:13:48.460000 few years here. Another enhancement to WPA3 was something called Wi-Fi 0:13:48.460000 --> 0:13:52.720000 Easy Connect. So, what's the idea with this? 
0:13:52.720000 --> 0:13:56.320000 Simplifies the process of configuring security for devices that have 0:13:56.320000 --> 0:13:58.860000 limited or no display. 0:13:58.860000 --> 0:14:01.380000 In other words, think of Internet of Things. 0:14:01.380000 --> 0:14:03.000000 So, think about this. 0:14:03.000000 --> 0:14:09.040000 Right now, let's say you go home and you decide to purchase a Wi-Fi enabled 0:14:09.040000 --> 0:14:12.440000 thermostat for your house. 0:14:12.440000 --> 0:14:15.980000 So, you do all the wiring for that thermostat, you plug it into the wall. 0:14:15.980000 --> 0:14:20.760000 Now, how do you connect that Wi-Fi thermostat to the wireless LAN in your 0:14:20.760000 --> 0:14:23.660000 house? After all, the wireless LAN in your house probably has some 0:14:23.660000 --> 0:14:26.000000 pre-shared keys, some password that you set up. 0:14:26.000000 --> 0:14:29.520000 Well, typically the way you do that is you have to download some app onto 0:14:29.520000 --> 0:14:33.340000 your tablet or smartphone that came with that thermostat. 0:14:33.340000 --> 0:14:37.400000 Open up that app and using the clumsy method of like the keyboard on your 0:14:37.400000 --> 0:14:39.600000 tablet, type in your passphrase. 0:14:39.600000 --> 0:14:43.060000 And if your passphrase is complicated like it should be with the at symbol 0:14:43.060000 --> 0:14:46.660000 and lowercase and uppercase, it can be kind of kludgy to type that thing 0:14:46.660000 --> 0:14:51.160000 in to get your thermostat synchronized with your access point. 0:14:51.160000 --> 0:14:54.500000 Well, with Wi-Fi Easy Connect, they said, hey, let's make it easy. 0:14:54.500000 --> 0:14:59.220000 We're just going to do something like put a QR code on the thermostat, 0:14:59.220000 --> 0:15:01.500000 a QR code on the access point. 0:15:01.500000 --> 0:15:04.000000 You just scan both of those, voila! 
0:15:04.000000 --> 0:15:08.500000 Now that Internet of Things device is connected to the wireless LAN securely. 0:15:08.500000 --> 0:15:11.360000 You didn't have to type in the passphrase. 0:15:11.360000 --> 0:15:18.640000 So that concludes this video on WPA3 and its enhancements and changes. 0:15:18.640000 --> 0:15:19.680000 I hope you found this useful.