Widely adopted features eventually do get integrated, if market demands it. We will see how it goes. Your new device has free upgrades for life.

https://www.theverge.com/circuitbreaker ... tification

The big question is how long will it take Mikrotik to implement WPA3? We have no 802.11ac spectral scan, no 5 GHz TX power, no Wave2 support, no 802.11w support.. there are lots of other wireless protocol improvements that have been missing for a long time.

The WPA3 Certification announced yesterday revealed that only one of the four mechanisms described when WPA3 was first announced earlier this year is included in the Certification.

The mandatory Simultaneous Authentication of Equals (SAE) method replaces WPA2's four-way session key generating "handshake" that was vulnerable to the KRACK attack and offers protection against dictionary attacks in general. Since it occurs only during the AP-STA authentication process, SAE doesn't significantly increase processor load.

The upshot is that this watered-down definition of WPA3 should be able to be added to devices that currently support WPA2. So rip-and-replacing all your current Wi-Fi gear to get improved security should not be necessary.

The "will they/won't they" (upgrade existing stuff) question now boils down to how vendors view the priority of supporting existing products vs. pumping out new stuff. So I asked Qualcomm, Linksys and NETGEAR for their official word on plans to support WPA3 on existing Wi-Fi products. The question posed to each was "Could you please comment on your plans to support WPA3 in existing products?".

Since Qualcomm is at the top (or bottom) of the Wi-Fi food chain, let's start with them.

...
Qualcomm said:
"Qualcomm expects to incorporate WPA3 security features into chipsets in summer 2018 for mobile devices beginning with the Qualcomm® Snapdragon™ 845 Mobile Platform and on all Wi-Fi networking infrastructure products. We are supporting WPA3 on new SW releases (per timeline indicated above). Any vendor who ports the latest SW release for any AP product we supply, will support WPA3. This would include IPQ40xx family."

This felt a little wiggly, so I asked for confirmation whether WPA3 will eventually be supported "in all Wi-Fi devices in Qualcomm's current catalog and going forward, both AP and STA (client) devices". The response:

Qualcomm said:
"Any network infrastructure product (based on AR,QCA,IPQ chip/set) that ships, starting this summer, will support WPA3. Any mobile device SD845 or higher, supports WPA3."

...
Linksys said:
”Linksys plans to support next generation WPA3 security. This functionality is highly dependent on the Wi-Fi chipset provider, thus support will be on a case-by-case basis. If legacy products are supported, Linksys will deploy automatic firmware updates to all enabled products. In many cases, WPA3 support will be offered in newer chipset and products. More details will be released at time of availability.”

....
NETEAR said:
"We (NETGEAR) are working with our partners integrating latest security protocol WPA3 in our home networking products. We will inform media and customers when this update is available. Based on our investigations, we deem that it’s highly likely that the majority of products should be able to make use of the feature by updating firmware on existing product.

WPA3 has two components – Personal and Enterprise. Our statements are only in context of Personal WPA3. Enterprise version is supposed to add 192-bit encryption and may impact hardware."

I belatedly reached out to ASUS and will update this post with their response when I receive it.

Widely adopted features eventually do get integrated, if market demands it. We will see how it goes. Your new device has free upgrades for life.

How about WPA3 on Mikrotik routers in 2020 ?

Best regards,

Does Mikrotik has any roadmap to implement WPA3 in 2021?

Hi. I wonder, the wave2 driver is installed by default in 7.1.beta3 or do I have to activate it in some way?
I just read that it says "cli only" and I don't see wpa3 options

As long as clients are in transitional mode, they will connect to the WPA2-only access point. As soon as that happens, attackers have the four-way handshake.