A security protocol for Wi-Fi networks that provides enhanced encryption and authentication mechanisms to improve protection against unauthorized access and cyber threats. WPA3 provides many improvements to its predecessor, WPA2.
WPA3 support has been mandatory for devices which bear the “Wi-Fi CERTIFIED™” logo since July 2020.
The new standard uses an equivalent 192-bit cryptographic strength in WPA3-Enterprise mode (AES-256 in GCM mode with SHA-384 as HMAC) and still mandates the use of CCMP-128 (AES-128 in CCM mode) as the minimum encryption algorithm in WPA3-Personal mode. TKIP is not allowed in WPA3.
The WPA3 standard also replaces the pre-shared key (PSK) exchange with Simultaneous Authentication of Equals (SAE) exchange, a method originally introduced with IEEE 802.11s, resulting in a more secure initial key exchange in personal mode and forward secrecy. The Wi-Fi Alliance also says that WPA3 will mitigate security issues posed by weak passwords and simplify the process of setting up devices with no display interface. WPA3 also supports Opportunistic Wireless Encryption (OWE) for open Wi-Fi networks that do not have passwords.