10

Why is WPA3 going to be using 192-bit encryption and not 256-bit in the security suite?

Alex Probert
  • 491
  • 1
  • 3
  • 17
  • 2
    Relevant: [What are the practical differences between 256-bit, 192-bit, and 128-bit AES encryption?](https://crypto.stackexchange.com/questions/20/what-are-the-practical-differences-between-256-bit-192-bit-and-128-bit-aes-enc) – Arminius Feb 21 '18 at 17:01
  • 1
    I can't leave comments yet but I this seems to be a repeat of this question: https://security.stackexchange.com/questions/14068/why-most-people-use-256-bit-encryption-instead-of-128-bit – Magister Ludi Feb 21 '18 at 19:40
  • 1
    @MagisterLudi that appears to be the reverse problem – schroeder Feb 21 '18 at 19:42
  • 4
    Because 192 bits is enough? – David Feb 21 '18 at 20:03
  • 2
    Because the 192-bit procedure is a security requirement used by governments and big industrial organizations – tech_enthusiast Feb 22 '18 at 00:09
  • 1
    I imagine the key exchange being used does not provide 256 bits of security, but provides more than 128 bits. In fact, TLS almost used AES192 instead of AES256 because no key exchange algorithm provides more than 192 bits of classical security. I'm trying to find out what parameters WPA3 will use for key exchange but [RFC 8110](https://tools.ietf.org/html/rfc8110) allows for variable parameters. – forest May 29 '18 at 03:30

1 Answers1

1

The articles I'm reading echo J Modi's point. For instance:

WPA3 also contains a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, to help protect government and other secured networks, the Wi-Fi Alliance said.

Computer scientist Mathy Vanhoef thinks the

feature [that] will strengthen user privacy in open networks through individualized data encryption [may refer to] Opportunistic Wireless Encryption: encryption without authentication. See https://www.rfc-editor.org/rfc/rfc8110

Community
  • 1