Funny enough, a Wi-Fi Alliance VP is expecting a near-universal adoption of WPA3 by late 2019. I'd be shocked if people even knew what WPA3 is by then...
Funny enough, a Wi-Fi Alliance VP is expecting a near-universal adoption of WPA3 by late 2019. I'd be shocked if people even knew what WPA3 is by then...
by the time this is widely available, HTTPS will already have near universal adoption anyway https://www.troyhunt.com/https-adoption-has-reached-the-tipping-point/
Overall I don't think WPA2 is insecure or needs replacing but being able to have secure open networks is really good. Hope openWRT and DD-WRT implement it soon
Overall I don't think WPA2 is insecure or needs replacing but being able to have secure open networks is really good.
Quoting @crespyl because he seems more knowledgeable than me
Quoting @crespyl because he seems more knowledgeable than me
It's been a while since I read up, but IIRC there's a few weak points and annoyances even though the overall system is still pretty solid.
Things like management frames not being well protected allowing for eavesdropping while clients are setting up a connection, being able to spoof deauth packets in certain circumstances, public access points not using any encryption between the station and clients, probably a few other things I'm forgetting.
I'm not aware of any huge flaws that would make upgrading the typical home or office set up a big priority though.
While the standard seems solid, I doubt I will be able to use it for quite a while. Slow adoption and legacy hardware will pretty much be the biggest factor keeping WPA2 around for the next...
While the standard seems solid, I doubt I will be able to use it for quite a while. Slow adoption and legacy hardware will pretty much be the biggest factor keeping WPA2 around for the next decade, at least one can use both WPA2 and 3 at the same time.
That aside, is there a real need to replace WPA2? it seems pretty secure already.
It's been a while since I read up, but IIRC there's a few weak points and annoyances even though the overall system is still pretty solid. Things like management frames not being well protected...
It's been a while since I read up, but IIRC there's a few weak points and annoyances even though the overall system is still pretty solid.
Things like management frames not being well protected allowing for eavesdropping while clients are setting up a connection, being able to spoof deauth packets in certain circumstances, public access points not using any encryption between the station and clients, probably a few other things I'm forgetting.
I'm not aware of any huge flaws that would make upgrading the typical home or office set up a big priority though.
I'm getting really worried about Ubiquity equipment. I've had more issues recently than when they were super new and beta-y. Random shutdowns, mesh failures, random disconnects, and all around...
I'm getting really worried about Ubiquity equipment. I've had more issues recently than when they were super new and beta-y. Random shutdowns, mesh failures, random disconnects, and all around just lots of issues that end up requiring a restart.
Edit: Talking about a large business class network here. Ubiquity for my home had been a dream
I don't want discourage someone from doing their home with ubiquity. I use it for my home with no issues and I love the power I have over my network. My issues have been on a business class...
I don't want discourage someone from doing their home with ubiquity. I use it for my home with no issues and I love the power I have over my network. My issues have been on a business class network with some complicated VPNs and dozens of users pulling lots of data; Probably should have mentioned that lol
I'm still running a PSP 3000 off WPA1 in AES mode. I double checked my brand new AC powered router, and it explicitly supports 802.11b with the original WEP keys that had to be the fixed size. I...
I'm still running a PSP 3000 off WPA1 in AES mode. I double checked my brand new AC powered router, and it explicitly supports 802.11b with the original WEP keys that had to be the fixed size. I have a feeling WPA3 won't arrive in public for many years...
The PSP (1000/2000/3000) doesn't actually support WPA2. It shows the access point but you won't be able to connect to it unless the AP allows WPA backward compatibility.
The PSP (1000/2000/3000) doesn't actually support WPA2. It shows the access point but you won't be able to connect to it unless the AP allows WPA backward compatibility.
I have it too, and it shows any WPA2 only access point as incompatible. I had to specifically enable the backwards compatibility mode to get it working, perhaps your router comes with that enabled...
I have it too, and it shows any WPA2 only access point as incompatible. I had to specifically enable the backwards compatibility mode to get it working, perhaps your router comes with that enabled out of the box? Either way, because it supports the AES implementation of WPA1, it's actually still secure; it was the TKIP format's vulnerabilities that broke WPA1, but the AES implementation doesn't suffer from the same vulnerabilities iirc. I'd love to use it on WPA2 though if there's a way to do that... Did you perhaps mod it or?
Worked for me on both modded and stock firmware. I might have the 3001 version but I'm not sure. Edit: Here people are saing you need to use "WPA2 with AES only (not TKIP-AES)"
Worked for me on both modded and stock firmware. I might have the 3001 version but I'm not sure.
Edit: Here people are saing you need to use "WPA2 with AES only (not TKIP-AES)"
Are you referring to this comment? If so, you're reading it backwards; they used to use WPA2 only, but had to enable TKIP to get it to work. I'm pretty sure no implementation of WPA2 using TKIP...
Are you referring to this comment?
Thanks....my problem was I using WPA2 with AES only (not TKIP-AES)
If so, you're reading it backwards; they used to use WPA2 only, but had to enable TKIP to get it to work. I'm pretty sure no implementation of WPA2 using TKIP exists; or if it does, I've never seen it anywhere. Rather, enabling TKIP implicitly enables WPA1, which is likely why it then works for them. At the very end of this thread, there's a conclusive comment that specifically states the PSP does not support WPA2 in any form. It's likely your router has a backwards compatible mode enabled and transparently communicates to your PSP with WPA1 and everything with WPA2; or at least, that's how mine does. I quoted it below for your convenience.
Posted 24 December 2015 - 08:53 PM
I just came back to this page (I know it's an old discussion) because my PSP insisted that I had to update "date/time from Internet" to awallow my PS+ games to work. The problem is, as this thread discusses, the PSP can't connect to home networks with WPA2. I believe that's still the case; always was; always will be. It can connect with WPA (without the 2). WPA2 is newer and more secure than WPA.
I've had to live with this for years; I set my router to WPA2 only, meaning it does not allow WPA authenticaion. My PSPs have never been able to connect (I think I did the thing with the USB cable to the PS3).
I've been trying again today after dusting off my PSP-2000 that has been unused for about a year. [Anyone have any GOOD sources for PSP batteries, BTW? -- not Chinese crap batteries that are dead when you get 'em]
So I tried many different things to just connect my PSP wirelessly, even though I don't think it ever worked before with my setup -- and I couldn't. But, I went to my router and changed the "WPA2 only" setting to "WPA / WPA2" meaning it allowed either. (it was already TKIP + AES). Sure enough, this did the trick -- my PSP connected fine, updated it's date/time, and firmware 6.6.1.
I'm looking forward to connecting to a public WPA3 hotspot 5-10 years from now.
Funny enough, a Wi-Fi Alliance VP is expecting a near-universal adoption of WPA3 by late 2019. I'd be shocked if people even knew what WPA3 is by then...
by the time this is widely available, HTTPS will already have near universal adoption anyway
https://www.troyhunt.com/https-adoption-has-reached-the-tipping-point/
Overall I don't think WPA2 is insecure or needs replacing but being able to have secure open networks is really good.
Hope openWRT and DD-WRT implement it soon
Isn't it insecure because the first data sent to it when connecting to it is unencrypted?
Quoting @crespyl because he seems more knowledgeable than me
While the standard seems solid, I doubt I will be able to use it for quite a while. Slow adoption and legacy hardware will pretty much be the biggest factor keeping WPA2 around for the next decade, at least one can use both WPA2 and 3 at the same time.
That aside, is there a real need to replace WPA2? it seems pretty secure already.
It's been a while since I read up, but IIRC there's a few weak points and annoyances even though the overall system is still pretty solid.
Things like management frames not being well protected allowing for eavesdropping while clients are setting up a connection, being able to spoof deauth packets in certain circumstances, public access points not using any encryption between the station and clients, probably a few other things I'm forgetting.
I'm not aware of any huge flaws that would make upgrading the typical home or office set up a big priority though.
Individualized data encryption sounds pretty cool. I need to read up on some of the cons.
Hm. I wonder if my Ubiquity WAPs will receive the upgrade to WPA3. It would be pretty nice if they did.
I'm getting really worried about Ubiquity equipment. I've had more issues recently than when they were super new and beta-y. Random shutdowns, mesh failures, random disconnects, and all around just lots of issues that end up requiring a restart.
Edit: Talking about a large business class network here. Ubiquity for my home had been a dream
Any thoughts as to why? I am looking into doing my home with ubiquity.
I don't want discourage someone from doing their home with ubiquity. I use it for my home with no issues and I love the power I have over my network. My issues have been on a business class network with some complicated VPNs and dozens of users pulling lots of data; Probably should have mentioned that lol
I'm still running a PSP 3000 off WPA1 in AES mode. I double checked my brand new AC powered router, and it explicitly supports 802.11b with the original WEP keys that had to be the fixed size. I have a feeling WPA3 won't arrive in public for many years...
You should get WPA2. WPA1 is broken and PSP 3000 supports WPA2(I know because I have one)
The PSP (1000/2000/3000) doesn't actually support WPA2. It shows the access point but you won't be able to connect to it unless the AP allows WPA backward compatibility.
I guess the 3001 version supports WPA2
Edit: Here people are saing you need to use "WPA2 with AES only (not TKIP-AES)"
I have it too, and it shows any WPA2 only access point as incompatible. I had to specifically enable the backwards compatibility mode to get it working, perhaps your router comes with that enabled out of the box? Either way, because it supports the AES implementation of WPA1, it's actually still secure; it was the TKIP format's vulnerabilities that broke WPA1, but the AES implementation doesn't suffer from the same vulnerabilities iirc. I'd love to use it on WPA2 though if there's a way to do that... Did you perhaps mod it or?
Worked for me on both modded and stock firmware. I might have the 3001 version but I'm not sure.
Edit: Here people are saing you need to use "WPA2 with AES only (not TKIP-AES)"
Are you referring to this comment?
If so, you're reading it backwards; they used to use WPA2 only, but had to enable TKIP to get it to work. I'm pretty sure no implementation of WPA2 using TKIP exists; or if it does, I've never seen it anywhere. Rather, enabling TKIP implicitly enables WPA1, which is likely why it then works for them. At the very end of this thread, there's a conclusive comment that specifically states the PSP does not support WPA2 in any form. It's likely your router has a backwards compatible mode enabled and transparently communicates to your PSP with WPA1 and everything with WPA2; or at least, that's how mine does. I quoted it below for your convenience.
I'm just hopeful that they had people on the committee who actually understand something about designing secure protocols.