WPA3: what are the main changes to the wireless security standard

by Marketing Team | Jan 12, 2018 | Classic Hotspot, WiFi Networks

WPA3: what are the main changes to the wireless security standard

On Monday, 8th of January, Wi-Fi Alliance, the non-profit organisation that promotes Wi-Fi technology and certifies Wi-Fi products, introduced “enhancement and new features for Wi-Fi Protected Access” .

After the KRACK attack and the discovery of WPA2 security problem that was putting at hijack risk all WPA2-compatible device like routers, computers and smartphones, Wi-Fi Alliance has announced a new security protocol: WPA3. WPA3 is a substitute for WPA2 (the wireless security standard since 2004) and should be landed later in 2018.

Four new capabilities will be launched in 2018 as part of the Wi-Fi certified WPA3. These features, available for personal and Wi-Fi networks enterprises, consist in delivering more robust protection regarding user’s password to access a Wi-Fi network and simplifying the security configuration for devices with a limited, or no display interface.

For example, a WPA3 key improvement aims to block “dictionary attacks”, or when a hacker tries to gain unauthorised access to a computer system by using a large set of words to generate potential passwords.
The new security protocol should prevent hackers from guessing a list of potential passwords to access a Wi-Fi network. Moreover, the hacker will be blocked after too many failed password thanks to its new handshake system ( WPA2 currently uses a four-way handshake).

Another interesting change touches on the open Wi-Fi networks. Open Wi-Fi networks are all networks in public spaces like café, airport, parks… that are not encrypted and so risky for the user whose data could be intercepted by a hacker.
WPA3 will use individualized data encryption that muddles the connection between each device on a network and the router. By doing so, WPA3 prevents hackers from stealing data or modifying websites.

Obviously, building a new wireless security standard takes time, and WPA3 won’t substitute WPA2 before few months, but Wi-Fi Alliance underlined the necessity of updating Wi-Fi security in a modern society where the Wi-Fi demand is increasing.

Related article:

Security breach in WPA2 protocol: what is the KRACK attack?

Useful tips for protecting your Wi-Fi network security

How web content filtering improves public Wi-Fi hotspot security

How to choose the best access point for your restaurant’s WiFi network (part 1)

by Marketing Team | Oct 31, 2017 | Classic Hotspot, WiFi Networks, Wireless Hardware

How to choose the best access point for your restaurant’s WiFi network (part 1)

Are you planning to deploy a new Wi-Fi network in restaurants? Read this article to find out the three main requirements for a successful Wi-Fi deployment.

When setting up a new Wi-Fi network, you need to make sure you choose the right access point depending on the environment in which it will be deployed and your project’s budget. As for Wi-Fi projects targeting restaurants, you need to consider the following aspects: the size of the network’s covered area, the number of concurrent users and internet usage.

1. Location size

The first step to consider is the size of your Wi-Fi network’s location: is the size of your restaurant big, medium or small?

On average, a large restaurant can hold from 80-200 people, a medium-sized restaurant from 30-80 people and a small restaurant from 10-30 people. Depending on the size of your venue, you will need to choose one or more access points to cover the area. Also, should your restaurant include a terrace or a small garden, consider that you will need to install not only indoor but also outdoor devices for your deployment. Check out the list of Tanaza’s supported access points: by being multi-vendor, Tanaza offers a wide range of devices, both for indoor and outdoor environments.

2. Number of concurrent users

Based on your location size, the number of concurrent users connected to your network will vary accordingly. The network of a large restaurant may host approximately a maximum of 30 concurrent Wi-Fi users, the network of a medium-size restaurant may host a maximum of 12 concurrent users, whereas the network of a small deployment will likely handle an average maximum number of 5 concurrent users.

3. Internet usage

Lastly, it is important to pinpoint what kind of online activity your Wi-Fi users will do while being connected to your Wi-Fi network. Indeed, some applications consume more bandwidth than others: for instance, the rate of data transfer in your network – measured in bits per second (bit/s) – will be lower when users message and chat on Facebook, Whatsapp or Telegram, check their emails and browse the web. On the other hand, a higher number of bits per second will be transmitted across your network when users share or download/upload pictures and files on Dropbox and Google Drive, stream Youtube and Netflix videos, make VoIP calls or video calls on Skype.

Read the second part of this article by clicking here!

Security breach in WPA2 protocol: what is the KRACK attack?

by Marketing Team | Oct 25, 2017 | Classic Hotspot, Industry news, WiFi Networks

Security breach in WPA2 protocol: what is the KRACK attack?

For the past few days, you have been able to read on the internet that Wi-Fi WPA2 protocol has been having? issues regarding its data security. In this article, we will explain this data security issue entails and why Tanaza is not concerned by this flaw.

“KRACK Wi-Fi attack threatens all networks”, “KRACK Wi-Fi flaw, the big issue for Wi-Fi network”… the internet has been in shambles for ten days due to the flaw discovery on the Wi-Fi network security process.

What is the KRACK issue?

KRACK stands for Key Reinstallation AttaCK and it designates the issue occurring when the third step of a four-way authentication process, performs in the wrong way.
To be clear, during the third step of the authentication process (when a device tries to connect to a protected Wi-Fi network), the encryption key can be sent multiple times to get access to the protected Wi-Fi network. Security issues occur when a hacker can collect this information and replay the transmission to break the Wi-Fi security encryption key.

What happens when the Wi-Fi encryption key is broken?

If a hacker gets the encryption key, they will be able to “sniff” your data and steal your sensitive information such as credit card details, emails, pictures, passwords and so on. The risk is the same as using a non-protected Wi-Fi network; users data is potentially accessible to all.
Moreover, the United-States Computer Emergency Readiness Team declared about KRACK issues that “the impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others”.

Which devices are vulnerable?

The KRACK attack is not an issue for the device itself, but the information it contains. All data sent on a Wi-Fi network without encryption key is as vulnerable as it when the user visits websites that are not HTTPS. You need to update your smartphone, tablet, router and computer with the latest security release to reduce the risk of data theft. Nevertheless, researchers said Android devices were more likely to be at risk rather than other mobile phones, same for Linux runners, considered as the most vulnerable devices.

Why are Tanaza users not concerned by this KRACK issue?

To prevent KRACK attacks in any Tanaza network, Tanaza introduced the fix in its latest firmware release. To avoid any risk, both the firmware and the customer device have to contain the fix for this attack.

This specific attack is against the 4-way handshake and it’s explicitly intended to exploit customers devices rather than access points. By using the Man-in-the-Middle attack (or MitM), hackers try to gather sensible data by misleading the device for the connection authentication and the user for the web surfing security (e.g. preventing websites from using HTTPS encryption and collecting any data such as usernames and passwords during any login process).
In a few words, if your access points runs on the latest Tanaza firmware and your devices are updated, you are protected from this KRACK issue.

If you want more information, read this article.

Related articles:

Useful tips for protecting your Wi-Fi network security

How web content filtering improves public Wi-Fi hotspot security

https://www.tanaza.com/classichotspot/technology/

4 reasons why 5G cellular won’t be a threat to Wi-Fi

by Marketing Team | Apr 6, 2017 | Classic Hotspot, WiFi Networks

4 reasons why 5G cellular won’t be a threat to Wi-Fi

5G is the next big revolution in mobile connectivity, is expected to be able to handle the increasing traffic related to the higher need for mobile data. The 5G wireless technology aims at providing better mobile broadband connectivity and speed for a wider range of customers.

In this scenario, is there a chance that the new 5G cellular network will eventually replace Wi-Fi?

We answered this question providing the main 4 reasons as to why the 5th generation wireless system (5G) and next generation Wi-Fi will probably coexist without representing a threat one for the other. In doing so, we relied on information collected by different sources, including: The 5G vs WiFi False Debate by Adlane Fellah, Shared Spectrum: Enabling 5G Mobile Broadband by Alex Marcham and 5G CELLULAR: WHY WI-FI NOT JUST SURVIVES, BUT PROSPERS by Craig Mathias.

1. Mobile users will likely continue to favour Wi-Fi over mobile connectivity

Currently, many mobile users prefer using Wi-Fi networks instead of 4G cellular ones. In particular, in developing countries where mobile connectivity is lacking and in developed mobile markets where mobile data is overpriced and limited, Wi-Fi is a valuable choice among smartphone users. Accordingly, as 5G is going to be the evolution of the current 4G cellular network, it is likely that many users will still favor Wi-Fi over 5G.

2. Wi-Fi will still be an affordable alternative to 5G

According to Cisco, by the end of 2021 data traffic on mobile networks per month will reach 49 EB (exabytes), in line with the development registered between 2011 and 2015. Consequently, the new 5G cellular, other than on the licensed spectrum, will also operate on the more affordable unlicensed and shared spectrum. This spectrum, in fact, currently enables technologies like Wi-Fi to foster connectivity and facilitate innovation while also carrying the growing number of data traffic expected in upcoming years.

To handle the large of amount of data traffic coming their way, network operators will opt to work with all technologies operating on the unlicensed spectrum, as opposed to solely relying on private licensed ones. This scenario might make it possible for customers in the Wi-Fi market – other than mobile network operators – to opt for 5G over Wi-Fi in the unlicensed and shared spectrum. Nevertheless, despite 5G’s well-performing connection, it is likely that it will be offered at a high price. This will continue to make Wi-Fi a valuable and affordable alternative choice for many customers due to the fact that lot of effort and money is required to enable the 5G connection to work with both the licensed and the unlicensed spectrum based on different protocols.

3. Wi-Fi already masters dense deployments

Given the expected extensive data traffic in the upcoming years, 5G will also rely more and more on small cells, which are known to be very effective to improve capacity, coverage and data range in congested areas. From this point of view, as opposed to 5G, Wi-Fi already has a big advantage, as it masters crowded deployments. Compared to the other wireless access technologies, Wi-Fi has the right requirements to handle the growing demand for connectivity by being able to increase the capacity of mobile networks and carrying large amounts of data traffic.

4. The Wi-Fi market is expected to increase

In the past few years, WI-Fi along with other cellular networks have developed extensively and its growth predictions are far optimistic. In fact, the global hotspot predictions for 2015-2020 made by Cisco’s VNI Mobile, show that Wi-Fi traffic, both from mobile and Wi-Fi-only devices, will account for 53% of total IP traffic by 2019.

The positive impact of WiFi at schools

by Marketing Team | Aug 10, 2016 | Classic Hotspot, WiFi Networks

The positive impact of WiFi at schools

WiFi has a positive impact on learning. Students and teachers are increasingly using wifi-enabled devices for educational purposes.

Nowadays, the way students learn is way different from how students used to learn years ago. This generation of students is a digital generation, and young people are used to work and develop their skills by using devices connected to the internet. Most students read books and write homeworks on their devices and some schools even provide their own PCs and tablets for the pupils.

Having WiFi connection at school means leveraging wifi-enabled devices for educational purposes. Nevertheless, catching up with tech-advancements might be a challenge for educational institutions, but bringing WiFi connection at schools will play an important role in delivering effective and engaging learning experience.

Indeed teachers can galvanize classes by offering more interactive activities with connected boards, leverage online platforms to share homework, create a common agenda. The WiFi network should be separated in two or three SSIDs, the first one with a code for the pupils in classes, the second one for the school administration, and the last one for the connected devices such as printers.

In an educational environment, using a content filtering is fundamental to protect children from inappropriate content. Tanaza features a web content filtering very easy to configure: like parental control, the WiFi administrator can select the categories of content to block, and creates his own blacklists.

Tanaza’s WiFi is 100% compatible with any client’s device, including the latest laptops, tablets, and smartphones. Nowadays, people have more than one connected devices which mean that, like the BYOD trend in offices, the WiFi administrator has to limit the number of devices that can access the network. Tanaza features a couponing system allowing the WiFi administrator to create coupon to limit and configure the internet session. Each coupon can be configured with a customize password, the network administrator can limit the number of devices connected , the bandwidth per client or per SSID.

Thanks to the connected devices and the usage of various applications that include 1:1 online programs (where teachers can provide personal lessons for the students lagging behind) and shareable digital contents (with which students and teachers can share files, etc.), students are getting more involved in interactive learning processes. Additionally, with the class management and remote controlling features, teachers are able to manage the situation in the classroom even if they’re absent, and monitor the class’ real-time statistics.

By using Tanaza WiFi for schools and universities, educational institutions can develop collaborative and interactive learning by providing free WiFi to students and staff.

More about Tanaza in the education sector

802.11ax: The next Wi-Fi standard

by Marketing Team | Apr 14, 2016 | Classic Hotspot, WiFi Networks

The next WiFi standard upgrade 802.11ax will deliver a faster performance speed in high-density deployment in comparison to precedent standards.

Each Wi-Fi standard includes identifying properties, specific to each upgrade, such as maximum range, bandwidth, speed or number of channels of a particular device. The 802.11ax Wi-Fi standard, for instance, still at a very early stage of its development, will be primarily designed for high-density deployments in public places.

(more…)