Mark Krischer
[Cisco]
Mark has over 20 years of experience across Mobility and Security technologies, and joined Cisco in 2001 through the Radiata acquisition where he was the Director of Software Engineering.

As part of Cisco’s Wireless Networking Business Unit, Mark led the Sydney Software Engineering department, and was responsible for the design and development for such technologies as EAP FAST (IETF RFC 4851) and Protected Management Frames (802.11w).

Prior to his involvement in Wireless, Mark focused on Intrusion Detection and the application of Public Key Infrastructure (PKI) to secure networking protocols and services at BBN Technologies.

Through his engineering work, Mark holds 18 patents in wireless and security.

The Evolution of Wireless Security with WPA3 and Wi-Fi 6

Technical Level (3 being the highest score): 2

After nearly 15 years, the Wi-Fi Alliance has updated Wireless Protect Access to version 3. WPA3 provides several key enhancements to wireless security that provide a strong and secure foundation for wireless networks.

Beginning with WPA2 we will discuss WPA2-Enterprise and provide an understanding of EAP type selection, and WPA3 updates with Suite B encryption algorithms. We will also briefly review challenges with WPA2-Personal and new enhancements with WPA3.

In addition to secure wireless connectivity, mobility adds the requirement for secure fast roaming, and we will discuss how 802.11k, 802.11v and 802.11r solve the associated challenges. 802.11r ties to the well-publicised KRACK attack, and how WPA3 changes the interoperability testbed with the aim of preventing similar vulnerabilities in the future.

WPA3 also mandates 802.11w for Protected Management Frames. We will examine how 11w provides a strong foundation which immunises the network from most of the current wireless attacks. Protected Management Frames has interesting implications for rogue AP detection and mitigation which will be discussed.

We will also examine new capabilities associated with WPA3 which provide enhancements for both public Wi-Fi and IoT connectivity.

This session will provide a foundation for the design of secure wireless networks, building on current capabilities and laying a foundation for WPA3 and Wi-Fi 6. The intent is to explore not just the security capabilities themselves, but to do so from the perspective of the attacks that they defend against.

Secure your place now!