Iphrothokholi entsha ukuvikelwa kwamanethiwekhi e-Wi-Fi amenyezelwe yi-Wi-Fi Alliance ngoJanuwari 2018. I-WPA3, yini elindelekile isatshalaliswe kabanzi ungakapheli lo nyaka.
Yilokho eyakhelwe ezingxenyeni eziyinhloko ze-WPA2 futhi izoletha ezinye izici ukwenza lula ukusethwa kokuphepha kwe-Wi-Fi kubasebenzisi nabahlinzeki bezinsizakalo, ngenkathi kuthuthukiswa ukuvikelwa kokuphepha.
Lokhu kufaka phakathi izici ezine ezintsha zamanethiwekhi e-Wi-Fi womuntu siqu.
Ngokwe-Wi-Fi Alliance, ezimbili zalezi zici zizohlinzeka ngokuvikelwa okuqinile noma ngabe abasebenzisi bakhetha amaphasiwedi angahlangabezani nezincomo eziyinkimbinkimbi ezivamile.
Ngamanye amagama, I-WPA3 ingenza amanethiwekhi womphakathi we-Wi-Fi aphephe kakhulu, okwenza kube nzima kumuntu okwinethiwekhi evulekile ukuthola idatha ethunyelwe ngamanye amadivayisi kunethiwekhi efanayo.
Kepha kushicilelwe umbiko omusha ngabaphenyi ababili abavela eNew York University naseTel Aviv University, babonakala besho okwehlukilenjengakwezinye izindlela zokuphepha ezisetshenziswe kuphrothokholi entsha ngokugqamisa ezinye zezinkinga ezihambisana nazo.
I-WPA3 ayikasetshenziswa futhi isivele iyinhlangano
Ukuhlaziywa kwakho, kuchaziwe Le ndatshana igxile kuphrothokholi ye-SAE Handshake WPA3. Lokhu kuhlaziywa ikhombise ukuthi i-WPA3 ithinteka emaphutheni ahlukahlukene wokuklama futhi ikakhulukazi, kungaba sengozini "ekuhlaselweni kwephasiwedi yokuhlukanisa".
Kodwa-ke, olunye ushintsho olubaluleke kakhulu olwethulwe yi-WPA3 protocol yi-SAE (Concurrent Peer Authentication) authentication mechanism.
Le yindlela egcizelela kakhulu ukufakazela ubuqiniso, isikhathi esibucayi lapho ukubhekwa kohlelo lwezokuphepha kufanele kusebenze ukuhlukanisa phakathi kokuxhuma okujwayelekile nokungena ngaphakathi.
Le ndlela entsha, eqinile ingena esikhundleni sendlela ye-PSK (Pre-Shared Key) esebenze selokhu kwakhululwa i-WPA2 ngo-2004.
Le ndlela yokugcina itholwe inqubo ye-KRACK. I-SAE iyamelana nalokhu kuhlaselwa, kanye nokuhlaselwa kwesichazamazwi okusetshenziswe ku-cryptanalysis ukuthola iphasiwedi, ngokusho kwe-IEEE Spectrum.
Ngamanye amagama, ngokusho kombiko walaba bacwaningi ababili kusuka eNew York University uMathy Vanhoef, Isitifiketi se-WPA3 sihlose ukuvikela amanethiwekhi we-Wi-Fi futhi linikeza izinzuzo eziningana ngaphezu kwe-WPA2 eyandulelayo, njengokuvikelwa ekuhlaselweni kwesichazamazwi ungaxhunyiwe ku-inthanethi
Nokho,, ngokusho kukaVanhoef noRonen, WPA3 inamaphutha amakhulu, ikakhulukazi ngokwemigomo womshini Ukuqinisekiswa kwe-SAE, owaziwa nangokuthi i-Dragonfly.
Ngokusho kwabo, I-Dragonfly izothinteka ekuhlaselweni okubizwa "Ukuhlaselwa okwahlukaniswa kwephasiwedi".
Bachaza ukuthi lezi ukuhlaselwa kubukeka njengokuhlaselwa kwesichazamazwi bese uvumela ophikisayo ukuthi abuyise iphasiwedi ngokusebenzisa kabi ukuvuza kwesiteshi noma kwesibili.
Ngaphezu kwalokhu, baveze incazelo ephelele nequkethwe yi-WPA3 futhi bakholelwa ukuthi izindlela ze-SAE zokulwa nesiminyaminya azikuvimbeli ukwenqatshwa kokuhlaselwa kwabasebenzi.
Ukuhlaselwa kwabasebenzi kusebenza kanjani?
Ikakhulu ngokusebenzisa ngokweqile ngaphezulu kokuvikela kwe-SAE Handshake ngokumelene neziteshi zesibili ezaziwa ngaphambili, isisetshenziswa ngezinsizakusebenza ezilinganiselwe ingalayisha ngokweqile iprosesa yendawo yokufinyelela ochwepheshe.
Ngaphezu kwalokho, benza inani elikhulu lokuhlaselwa ngezindlela ezahlukahlukene ezakha umthetho olandelwayo we-WPA3, njengokuhlaselwa kwesichazamazwi kwe-WPA3 lapho kusebenza ngemodi yenguquko, ukuhlaselwa kohlangothi lwe-microarchitecture eseceleni kweSAE Handshake, uthathe ithuba ukukhombisa ukuthi isikhathi esitholakele singasetshenziswa kanjani kanye nemininingwane ye-cache yokwenza "ukuhlaselwa kwephasiwedi" ngokungaxhunyiwe ku-inthanethi.
Lokhu kuvumela umhlaseli ukuthi athole kabusha iphasiwedi esetshenziswe isisulu.
Ekugcineni, bachaza ukuthi sebekufundile ukuthi kungenzeka yini ukuhlaselwa kwesikhathi ngokumelene nokuxhawulwa kweWPA3 SAE.
Ngokusho kwabo, lokhu kuqinisekisa ukuthi ukuhlaselwa kokuvumelanisa kungenzeka nokuthi imininingwane yephasiwedi ilahlekile. Lo mbiko uchaza kabanzi ngalokhu kuhlaselwa okuhlukahlukene kaVanhoef noRonen futhi uphakamisa izindlela zesisombululo zokwenza izinga liphephe kakhulu.
Ngokwesiphetho sabo, i-WPA3 ayinako ukuphepha okudingeka ukuthi kubhekwe njengezinga lokuphepha lesimanje futhi kuzodinga ukuthi kuthuthukiswe okunye ngaphambi kokuba yamukelwe kabanzi.