WBA Claims Wi-Fi Security Parity with Cellular Networks

Severity: Low (Score: 39.9)

Sources: Feeds2.Feedburner, Itnews.Au

Summary

The Wireless Broadband Alliance (WBA) has published a new Wi-Fi security framework asserting that Wi-Fi now matches cellular technologies in security capabilities. This framework consolidates existing standards and best practices, focusing on mutual authentication, encryption, identity privacy, and credential storage. Operators and enterprise IT teams are encouraged to implement WBA's recommendations to achieve this security parity, although compliance is not mandatory. Key technologies mentioned include WPA3, OpenRoaming, and RadSec, which enhances RADIUS authentication security. The WBA warns against using 'transition mode' that allows both WPA2 and WPA3, which could expose networks to downgrade attacks. Additionally, the guidelines discourage the use of EAP-TTLS with MSCHAPv2 due to its vulnerabilities. Security experts agree that properly configured Wi-Fi networks can indeed provide robust security comparable to cellular networks. Key Points: • WBA claims Wi-Fi security now matches cellular technologies. • Operators are advised to implement a new security framework for Wi-Fi. • Use of outdated protocols like MSCHAPv2 is discouraged due to vulnerabilities.

Key Entities

• OpenRoaming (platform)
• Passpoint (platform)