CTS 320: WPA3-Enterprise Part 2
Clear To Send: Wireless Network Engineering - A podcast by Rowell Dionicio and François Vergès
Categories:
https://youtu.be/oEj-q2LpsWk Wi-Fi Alliance defines three modes of operations for WPA3-Enterprise: * WPA3-Enterprise only * WPA3-Enterprise transition mode * WPA3-Enterprise 192-bit mode This Episode is sponsored by WiFi Scanner Download your trial today at WiFiScanner.com Specifications WPA3-Enterprise Only Here are the important specifications: * An AP and STA shall enable at least AKM suite 00-0F-AC:5 (IEEE 802.1X with SHA-256) * An AP and STA shall not allow AKM suite 00-0F-AC:1 (IEEE 802.1X with SHA-1) * An AP and STA would support & use MFP * a STA shall not enable WEP and TKIP WPA3-Enterprise Transition Here are the important specifications: * An AP and STA shall enable at least AKM suite 00-0F-AC:5 (IEEE 802.1X with SHA-256) and 00-0F-AC:1 (IEEE 802.1X with SHA-1) * An AP and STA must support MFP WPA3-Enterprise 192-bit Here are the important specifications: * PMF must be required by both the AP and STA * Limited set of EAP cipher suites are allowed: * TLS ECDHE ECDSA with AES 256 GCM SHA384 * TLS ECDHE RSA with AES 256 GCM SHA384 * TLS DHE RSA with AES 256 GCM SHA384 Beacon Frames WPA3-Enterprise Only WPA3-Enterprise Transition Comparison between WPA3-Enterprise and WPA3-Enterprise Transition mode: Resources * Wi-Fi Alliance WPA3 Specifications → https://www.wi-fi.org/system/files/WPA3%20Specification%20v3.1.pdf * WPA3 Enterprise by Rasika (mrncciew) → https://mrncciew.com/2020/08/17/wpa3-enterprise/ * Configure JumpStart for Mist → https://www.mist.com/documentation/jumpcloud-for-radius/