Wireless Security Protocols WPA3 A Systematic Literature Review


Received 18 September 2023, accepted 2 October 2023, date of publication 9 October 2023, date of current version 17 October 2023.

Digital Object Identifier 10.1109/ACCESS.2023.3322931

Wireless Security Protocols WPA3: A Systematic Literature Review

ASMAA HALBOUNI, (Graduate Student Member, IEEE), LEE-YENG ONG, (Senior Member, IEEE), AND MENG-CHEW LEOW, (Senior Member, IEEE)
Faculty of Information Science and Technology, Multimedia University, Malacca 75450, Malaysia
Corresponding author: Lee-Yeng Ong ([email protected])
This work was supported by the Telekom Malaysia Research and Development under Grant RDTC/221073 (MMUE/230002).

ABSTRACT The size of wireless networks and the number of wireless devices are growing daily. A crucial part of wireless security involves preventing unauthorized access by using wireless security protocols in order to protect the data in wireless networks. In 2018, Wi-Fi Protected Access 3 (WPA3) was ratified to protect the data in devices bearing the Wi-Fi trademark. WPA3 has many security improvements over previous wireless security protocols, providing a better encryption method and key sharing. In this paper, a Systematic Literature Review (SLR) was conducted to analyze three aspects of the WPA3 protocol: the reasons behind the release of WPA3, the encryption methods and mode of operation in this protocol, and the attacks that can still penetrate WPA3. In this review, thirty-six articles were identified as the selected research articles, written between 2018 and 2023, focusing mainly on WPA3. After the analysis of the selected articles, the encryption methods and modes of operation were presented in the SLR. In addition, the vulnerabilities that the WPA3 protocol solved and the ones that remain unsolved were discussed. This study concluded that WPA3 excels over its predecessors by providing more security and reliability to wireless networks. The result of this SLR of WPA3 proposes two methods that seek to increase the security level of WPA3 networks, which are discussed in the discussion section.

INDEX TERMS Wireless security protocol, Wi-Fi Protected Access 3, WPA3.

The associate editor coordinating the review of this manuscript and approving it for publication was Dr. Mueen Uddin.
© 2023 The Authors. This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
112438 VOLUME 11, 2023
A. Halbouni et al.: Wireless Security Protocols WPA3: A Systematic Literature Review

I. INTRODUCTION

The most common type of network is wireless networks, which connect devices without using cables to exchange data. Wireless networks are expanding continuously, whether for public use at the corporate level or for personal usage at home. Wi-Fi has become an essential and normal part of our daily lives. When explaining wireless terminologies, the terms Wireless Local Area Network (WLAN) and Wi-Fi are usually used interchangeably. WLAN is a type of network where data is exchanged wirelessly using high-frequency radio waves. Wi-Fi refers to the family of wireless network protocols known as IEEE 802.11 that can build WLANs.

The data in the wireless network is propagated in a wireless medium, making it insecure against internal and external security threats, where anybody who breaches wireless security can access the network. Wireless networks have security risks, hence various protocols have been developed throughout time to offer security against various risks. In 1997, the 802.11 WLAN standard was introduced by the Institute of Electrical and Electronics Engineers (IEEE). Various wireless security standards were developed to be employed in the wireless networks used in homes, offices, and public areas [1]. Wired Equivalent Privacy (WEP) was the first security protocol to be released, and in 2004, it became deprecated. After WEP, Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) were introduced with the IEEE 802.11i standard. WPA was introduced in 2003. After WPA was proven to have major flaws and vulnerabilities, it was replaced by WPA2 in 2004 and is still being used until now. Finally, Wi-Fi Protected Access 3 (WPA3) was released in 2018 to solve all the shortcomings of its predecessors by providing high protection and usability for its users [2].

The advancement of WPA3's encryption and encoding methods proved its ability to deliver higher security levels to both personal and enterprise users. When investigating
related works on WPA3, the results show that WPA3 is implemented to overcome the previous security protocols in addition to the vulnerabilities solved by WPA3 and the ones that remain unsolved. However, at the time of conducting this work, there was no research focusing on providing a systematic literature review purely on WPA3. Even though WPA3 is still new, some review papers on wireless security have included it to compare it with its predecessors.

Several studies on cybersecurity threats and vulnerabilities of wireless security protocols can be found in [3] and [4]. Both studies discussed how wireless networks are attacked using the design flaws in WEP, WPA, and WPA2. The vulnerabilities in WEP, WPA, and WPA2 protocols are mentioned in [3], while [4] presented an evaluation among the wireless security protocols based on encryption, authentication methods, and wireless security requirements, besides including a comparison among WEP, WPA, WPA2, and WPA3.

A review has been conducted to examine the danger of Wi-Fi networks and the reasons for insecurity among WEP, WPA, WPA2, and WPA3 [5], [6]. However, [5] only focused on mentioning the vulnerabilities in these protocols without giving practical countermeasures to avoid them, and [6] mentioned the vulnerabilities in addition to suggestions added to WPA3 to update the protocol.

To the best of our knowledge, there is no systematic literature review (SLR) focusing solely on the security certificate WPA3. Therefore, this systematic review presents an extensive research study on the reasons behind the release of WPA3, the encryption methods and mode of operation in this protocol, and unsolved vulnerabilities of the wireless security protocol WPA3. This SLR is conducted based on Kitchenham and Charters' method [7]. The primary aim of this work is to provide an SLR of WPA3 to help researchers know more about WPA3. The contributions of this systematic review are summarized as follows:
1. Show the reasons behind the release of the WPA3 protocol.
2. Discuss the main features of each wireless security protocol and their related attacks.
3. Highlight the vulnerabilities of WPA3 that remain unsolved, and provide a discussion of attacks in WPA3 between the years 2018 and 2023.
4. Propose two methods to improve the security of the WPA3 protocol.

The remainder of this paper is structured as follows: Section II provides a brief description of the current state of wireless security protocols. The method used in this work is in Section III. Section IV explains the results obtained from the selected papers and a discussion. Section V defines the limitations of the study and the conclusion is given in Section VI.

II. WIRELESS SECURITY PROTOCOL

This section describes the wireless security protocols in terms of the authentication process and vulnerabilities, starting with WEP until WPA3.

A. WIRED EQUIVALENT PRIVACY (WEP)

WEP was introduced to provide security for wired LANs by encryption. It is based on Rivest Cipher 4 (RC4) encryption to increase the speed of communication [4]. The encryption key of WEP is 64 bits long, composed of a 40-bit secret key with a 24-bit initialization vector (IV) concatenated to it. WEP uses the Cyclic Redundancy Check known as CRC-32 to compare the plaintext to the Integrity Check Value (ICV) for integrity [1].

WEP has proven to be vulnerable and easy to break [4]. In 2003, free software was able to crack WEP passwords within minutes. Another vulnerability in WEP is its ability to broadcast fake data packets because of the shared key authentication, which makes it easy for an attacker to forge an authentication message. The reuse of the initialization vector also makes WEP weak, where different cryptanalysis methods can decrypt the data. Other attacks can be found in [1]. In 2004, the Wi-Fi Alliance officially abandoned the WEP protocol [4], [8].

B. Wi-Fi PROTECTED ACCESS (WPA)

WPA was released to tackle the issues in WEP without the need to change the hardware. Only a firmware upgrade was required to improve security on the same hardware. WPA uses the Temporal Key Integrity Protocol (TKIP) for encryption, where it uses RC4 to generate other keys. In WPA, a 128-bit key per packet is generated dynamically. The Pre-Shared Key (PSK) is a static key used to initiate communication between two parties. To authenticate the wireless devices, a 256-bit key is used, but it is never transmitted over the air. The encryption key and Message Integrity Code are derived from the PSK. The 4-way handshaking mechanism is used to provide for key management [8], [9].

The main vulnerability in WPA is in RC4, where having keys computed under the same initialization vector makes it easy for an attacker to compute the Temporal Key. Another vulnerability arises when the password is poor: it is then vulnerable to brute force attacks, where a dictionary attack can be used if the password is less than 20 characters [8]. Other attacks can be found in [1].

C. Wi-Fi PROTECTED ACCESS 2 (WPA2)

WPA2 was able to deliver a significant enhancement over the previous security protocols. The big difference was in its encryption method. WPA2 uses Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which uses the Advanced Encryption Standard (AES) block cipher for its data encryption [10]. To generate a key in WPA2, a 4-way handshake is required to have a Pairwise Transient Key (PTK) and Group Temporal Key (GTK), in addition to a group key handshake.

In WPA2, there are two modes of operation, Pre-Shared Key (PSK) mode for personal networks and enterprise mode for larger corporate networks. In WPA2-PSK, an access point authenticates a client based on a password that is shared in
advance, whereas the authentication in enterprise mode is performed via the Extensible Authentication Protocol (EAP) in 802.1x architecture [9].

One weakness in WPA2 is when an attacker can access the network and have particular keys to execute an attack on other devices connected to the network. Although such an action needs roughly 2 to 14 hours to be executed, it is considered a security issue that must be solved [3]. In addition to that, WPA2 allows the reinitialization of keys, which leads to attacks called KRACK. This attack utilizes the 4-way handshake that wireless security protocols used to authenticate their users while connecting to the network. After setting the counters to their original settings, the attacker can replay and decrypt messages [11]. The details of other attacks can be found in [1].

D. Wi-Fi PROTECTED ACCESS 3 (WPA3)

In June 2018, the Wi-Fi Alliance announced Wi-Fi Protected Access 3 (WPA3) and in July 2020, WPA3 became mandatory for Wi-Fi-certified implementations. It was expected that the adoption rate of WPA3 would grow fast, but the statistics showed the opposite of that [12].

Enhancing the security of the WPA2-PSK handshake was the primary motivation for the development of WPA3. Independent researchers were unable to peer-review the newly implemented features since the WPA3 development process was kept secret from the public [13].

WPA3, similar to its predecessor, has two modes of operation: WPA3-Personal and WPA3-Enterprise. WPA3 permits a transition mode where WPA2 and WPA3 are supported simultaneously to provide backward compatibility [13]. WPA3-Personal uses Simultaneous Authentication of Equals (SAE), which represents a secure key exchange protocol between peers designed for authentication purposes [4], [9]. And so, the authentication is performed based on a password that is shared among all handshake parties. A high-entropy Pairwise Master Key (PMK) is the output of WPA3-SAE authentication, which will be utilized as input for the 4-way handshake to create a Pairwise Transient Key (PTK) [13], [14]. Management Frame Protection (MFP) is used in WPA3-SAE mainly to prevent deauthentication attacks where the attackers force the users to disconnect from the Access Point (AP) [14].

Not all the current 802.11 hardware is able to support MFP or SAE, and so, the WPA3 certificate has a transition mode that supports WPA2 and WPA3 simultaneously. In this mode, WPA2 AP will be connected using the 4-way handshake without MFP, and WPA3 AP will be connected using the SAE handshake with MFP.

WPA3-Enterprise is not fundamentally changed from the WPA2 version, but is focused instead on adding improvements and increasing misuse resistance. At a protocol level, WPA3 offers an optional 192-bit security mode that uses 256-bit Galois/Counter Mode Protocol (GCMP), widely written as GCMP-256, to provide authenticated encryption [9].

1) DRAGONFLY PROTOCOL

Based on the Wi-Fi Alliance, the SAE protocol uses a Dragonfly handshake. According to some research, Dragonfly and SAE are synonymous. In other research, Dragonfly is considered as one component of many in the SAE protocol. The IEEE 802.11 standard defines SAE as a variant of Dragonfly, a password-authenticated key exchange based on a zero-knowledge proof [4], [9].

Dragonfly is a symmetric peer-to-peer protocol. In Dragonfly, both participants of the exchange are considered equals and have a secure symmetric key from a low-entropy shared secret over insecure public channels, and so they can initiate the handshake simultaneously. Dragonfly is based on discrete logarithm cryptography over elliptic curves (ECC) or finite fields (FFC). In Dragonfly, there are two message exchanges between participants, the commit exchange and confirm exchange, as shown in Figure 1 [15].

FIGURE 1. WPA3 Authentication: Dragonfly protocol.

The first commit exchange messages can be initiated, then the process continues to confirm exchange messages after both participants confirm their unique, single guess at the password. The commit exchange is to force each participant to reveal what they think the password is and the confirm exchange is to assess the correctness of the passwords provided by each participant. A successful confirmation occurs after a participant accepts the authentication, and when both participants accept the authentication, the handshake process will be terminated [9], [15].

2) MANAGEMENT FRAME PROTECTION (MFP)

Management Frame Protection (MFP) is defined in the IEEE 802.11w amendment and was incorporated in the IEEE 802.11 base standard in 2012. MFP provides protection mechanisms for management frames, including origin authenticity, confidentiality, integrity, and replay protection. The mechanisms seek to improve the security levels and apply defense mechanisms against attacks targeting management frames. The Wi-Fi Alliance made MFP mandatory in the WPA3 protocol to prevent the attacker from forcibly disconnecting a user from the wireless network. WPA3 access points will advertise MFP as optional due to the transition mode. WPA2 users will be
connected using the 4-way handshake with MFP disabled and WPA3 users will be connected using SAE with MFP enabled.

TABLE 1. Attacks still exist in WPA3.

3) WPA3 ATTACKS

There are many vulnerabilities that have been found in previous wireless security protocols that cause damage to the
networks or acquire undesired control. WPA2 was modified and updated to WPA3 in an effort to improve security by addressing these vulnerabilities. Table 1 shows attacks in the WPA3 protocol. In Table 1, the attacks were categorized as Before WPA3 and After WPA3. Before WPA3 means that attacks do exist in the previous protocols and are still not solved by WPA3. After WPA3 means that attacks occurred only in WPA3 because of either encryption methods or the handshake process. On the other hand, there are attacks that WPA3 was able to solve and prevent, such as the Handshake Capture Dictionary Attack, the PMKID Hash Dictionary Attack, the Handshake Capture En/Decryption Attack, and finally the most important one, the KRACK Attack, which was the main reason to develop WPA2 to WPA3 [1].

III. RESEARCH METHODOLOGY

This work aims to provide a systematic review of the latest security certificate, WPA3. The guideline for performing this review is Kitchenham and Charters' method [7]. Their method is composed of three stages: planning, conducting the review, and reporting the findings, as shown in Figure 2. The planning stage is the first stage, where the questions of the research and the review protocol are defined. The second stage is the conducting stage, where the review protocol will be implemented. The review protocol outlines the search strategy and criteria for selecting and excluding the research papers and extracting the required data. The reporting stage, the final stage, involves synthesizing the data obtained.

FIGURE 2. Research review methodology.

A. RESEARCH QUESTIONS

The primary objective of this work is to provide a review of the emergence of the wireless security certificate WPA3. The following research questions were developed in line with the primary objective:
1. RQ1: What are the reasons for the emergence of the security certificate WPA3?
2. RQ2: What is the encryption method used in WPA3 that differs from its predecessors?
3. RQ3: What are the attacks that WPA3 was able to prevent, and the attacks it still could not prevent?

B. DATA SEARCH STRATEGY

The search strategy is the most important part of a systematic literature review. The steps here are to define the keywords and the source of the study. The search for articles in the English language was conducted from the following digital libraries:
• Google Scholar
• ACM Digital Library
• Springer
• IEEE Xplore
• ArXiv
• Science Direct

The keywords were derived from the research questions, and the Boolean operator OR was used to limit our research and to define the search string, as follows:

"WPA3" OR "WPA3 Attack" OR "WPA3 Security" OR "WPA3 Certificate"

Based on the keyword searches in the digital libraries, 416 articles were collected.

C. PAPERS SELECTION CRITERIA

Initially, 416 papers were collected based on the search terms mentioned earlier. Then, these papers were filtered based on their relatedness to our topic in this review. The filtration process is as follows: First, remove all the duplicated articles that were collected from the different digital libraries. Before the articles were accepted as primary articles, these articles were analyzed against the inclusion and exclusion criteria, which are shown in Figure 3. Also, from references in the selected articles, additional related articles were investigated and applied with the search strategy.

FIGURE 3. Inclusion and exclusion criteria.

D. PAPERS SELECTION PROCESS

To perform the selection process, the papers were chosen based on the search string, title, abstract, and keywords. From 416 papers, authors investigated papers that have security certificate WPA3 in their title and abstract, and the result was 68 papers. This is because some papers have WPA3 in their title or abstract, but it does not represent the network security protocol. It is either referring to a chemical factor or a symbol for different topics. Out of 68 papers, 25 were excluded because of duplication between digital libraries, 4 as review papers, 1 as a white paper, and 2 as Bachelor's degree projects, which leaves us with 36 articles. The selection process is shown in Figure 4.

FIGURE 4. Articles selection process.

E. DATA EXTRACTION

The aim of this step is to analyze the final list of papers to extract the required information to answer our research questions. To avoid bias in the data extraction process, a data extraction form was developed. The following information was extracted from each paper: title of the paper, the publication year of the paper, publication type, RQ1, RQ2, and RQ3.

F. DATA SYNTHESIZING

The data that is collected from the selected papers has to be synthesized in a certain manner to provide answers to our research questions. Section IV exhibits the obtained data in different formats such as tables and figures.

IV. RESULTS AND DISCUSSION

A. RESULTS

This section elaborates the outcomes of the review. An overview of the selected papers is first presented. The outcomes of each research question are explained in detail in the following sections. Table 2 shows the selected papers based on research article number, title, publication type, and year of publication.

The publication years of the selected papers from 2018 to 2023 regarding the security certificate WPA3 per year are shown in Figure 5. The figure shows the number of papers that discussed or mentioned the research question, knowing that some selected papers discussed more than one RQ, and in the figure they are counted under each RQ. As shown in Figure 5, most of the articles were about RQ3, which focuses mainly on attacks in WPA3. Then, RQ2 focuses on the operation mode and encryption method in WPA3. Finally, RQ1 focuses on the reason for implementing WPA3. The year 2021 received the highest number of publications, with 12 publications. Figure 6 shows the number of journal and conference papers published from 2018 to 2023. 24 articles were conference papers, which represent 63% of the total selected articles. The rest were journal papers (14 articles), which represent 37%.

FIGURE 5. Number of articles based on publication year.

FIGURE 6. Number of articles based on publication type.

1) RESEARCH QUESTION 1 - WHAT ARE THE REASONS FOR THE EMERGENCE OF THE SECURITY CERTIFICATE WPA3?

The first research question aims to show the need and the importance of the emergence of the security certificate WPA3. There are many security flaws in the existing wireless LAN that attackers might exploit to wreak a wide range of harm or obtain unwanted control. The release of WPA3 was mainly to address the security flaws and vulnerabilities in its predecessors and to enhance the current state of security. According to Wi-Fi organization [16], the main reasons for
releasing and developing WPA3 are that WPA3 makes authentication more reliable, boosts the cryptographic strength for highly sensitive data markets, and keeps mission-critical networks resilient. [17], [18] sought to spread awareness, importance, and why people should deploy WPA3 in their networks. Both researchers believed that WPA3 is an excellent security protocol and excels its predecessors, and that the security of a network is affected not only by technical issues but also by socio-technical activities, that is, how people behave. References [10] and [19] showed how WPA3 can solve vulnerabilities in the previous wireless security protocols and be a viable replacement. According to our selected articles, 9 out of the selected papers mentioned the need for the emergence of WPA3 due to several reasons such as avoidance of attacks, improvements of authentication and encryption methods, and others, as shown in Table 3.

TABLE 2. Selected research articles.

2) RESEARCH QUESTION 2 - WHAT IS THE ENCRYPTION METHOD USED IN WPA3 THAT DIFFERS FROM ITS PREDECESSORS?

Based on end users' requirements, there are two modes of operations in WPA3: home and business, also known as
WPA3-Personal and WPA3-Enterprise. Although there is not much difference between them, WPA3-Enterprise is considered more secure as it is designed to protect more sensitive data. The encryption method in WPA3 depends on its mode of operation. WPA3-Personal is used when a Wi-Fi device only supports WPA3 and is called WPA3-SAE as it supports SAE as an encryption method [1]. WPA3-Enterprise is used in enterprise environments such as industrial and government networks and the encryption in this mode uses 192-bit and is called EAP-pwd [20]. In addition, there is also a transition mode, which is indicated as WPA3-SAE transition. This mode allows Wi-Fi devices that only support WPA3 to connect to the WPA2 network.

WPA3-SAE, a variation of the Dragonfly key exchange specified in RFC 7664, replaces the so-called Open System authentication before network association [1]. The Dragonfly handshake protects against offline dictionary attacks while providing forward secrecy, and it was utilized in practice by both WPA3 and EAP-pwd [21].

In EAP-pwd, the devices will store passwords in plaintext or in hashed forms, and all ciphers must offer at least 192 bits of security. In this mode, the access point initiates the handshake, and commit and confirm frames are encapsulated in 802.1X frames [21].

Since the transition mode is used to accommodate devices that support WPA3 and WPA2 using the same password, the AP offers Management Frame Protection (MFP) as an optional feature in this mode, where the older clients connect using WPA2 without MFP and the newer ones using WPA3-SAE with MFP enabled [21].

Based on Table 4, most of the published articles are based on a personal mode of operation, WPA3-SAE. Some are in transition mode and only one article (M10) had all the modes, in addition to a description of the Dragonfly encryption method.

TABLE 3. Reason for the emergence of WPA3.

TABLE 4. Articles based on the operation mode and encryption method.

3) RESEARCH QUESTION 3 - WHAT ARE THE ATTACKS THAT WPA3 WAS ABLE TO PREVENT, AND THE ATTACKS STILL COULD NOT PREVENT?

Until the discovery of the KRACK attack on WPA2 in 2017, WPA2 was considered the most secure wireless protocol [11]. WPA3 came to fix all the shortcomings of its predecessors, as it was released to address the vulnerabilities in the previous protocols and improve the present level of security. With all the improvements in design, WPA3 was proven to be vulnerable to some types of attacks [14]. WPA3 can prevent some attacks, but it is still vulnerable against other attacks. In addition, there are attacks that appeared after the release of WPA3.

During the research on WPA3, the articles that were found are the articles that explain the attacks in WPA3, including the articles that try to find a solution to avoid attacks and intrusions. In this research question, the attacks that are still affecting WPA3 and attacks that have been prevented are presented. From the selected articles in Table 2, there were 24 articles that provided an explanation of WPA3 attacks in different ways. For example, out of these 24 articles, 19 articles imitate how attacks happen in WPA3 and 5 articles provided a brief description of the attacks. Out of 24 articles, 20 articles proposed an update and solution to avoid attacks in the WPA3 protocol.

From the previous articles, the attacks in WPA3 were found. Figure 7 shows the attacks before and after the deployment of the WPA3 protocol. In terms of attacks Before WPA3, the attacks were divided into two sections, one that was solved by WPA3 and the other one that is still unsolved. For attacks After WPA3, it shows the attacks that occurred due to the encryption methods in WPA3.

FIGURE 7. Attacks before and after the release of WPA3.

Figure 8 illustrates the occurrence of attacks in the selected articles, which are still affecting WPA3. DoS and downgrade attacks got the highest repetition, where they were mentioned seven times in the selected articles, followed by
an SAE-PK password into a valid modifier and public key for


which the private key is known.
Several research have been implemented to test the ability
of WPA3 to prevent attacks and to study the effects of these
attacks. Researchers in [19] and [29] tested the ability of
Management Frame Protection (MFP) in WPA3, where they
showed the ability of WPA3 to prevent disassociation and
deauthentication attacks, in addition to increase its efficiency
in preventing attacks. On the other hand, [35] showed that
un-enabling of MFP, allowed for deauthentication attacks and
made WPA3 vulnerable.
An evaluation of the efficiency of dragonfly handshake
and SAE in WPA3 was done in [14], [20], [21], [24], [28],
FIGURE 8. Attacks in WPA3 based on chosen articles. [33], and [36], where researchers sought to analyze these
features and explore the vulnerabilities in WPA3’s hand-
shake and SAE. In [14], timing or cache-based side-channel
deauthentication attacks and side-channel attacks (six times). leaks were exploited to recover the password of WPA3
Timing attacks along with dictionary attacks were mentioned by downgrade from WPA3-SAE to WPA2-PSK. Reference
five times and four times, respectively. Three times appeared [20] discovered bad-token vulnerability in SAE causing DoS
in evil twin, rogue AP, and brute-force attacks. There are other attacks. Reference [21] proved that the minor changes in pass-
types of attacks that were mentioned in the selected papers only one time, such as DNS spoofing and SSL stripping in [1], time-memory trade-off attacks in [33], Miscellaneous Leaks in [34], and Ghost attacks in [37].

B. DISCUSSION

This work applied a systematic procedure to provide a proper understanding of the wireless security certificate WPA3. Three research questions were formulated and answered to achieve the objective. From the research that has been done, the main ideas in the articles were the effect of the attacks, how to avoid attacks, how to imitate attacks, the software used to perform attacks, the software used to avoid attacks, solutions, and updates to improve the WPA3 certificate.

This part of the paper intends to exhibit what other researchers did regarding their work on WPA3. The results can be useful in highlighting the direction of future research. This part provides the following information:
• Tools and software used to generate attacks and monitor the channels.
• The impact of different attacks on WPA3.
• Techniques that were added to WPA3 to provide more security.

There are different tools and methods used to generate attacks that affect WPA3 for different purposes and to monitor the channel, such as Aircrack-ng, which is used to launch and generate WPA3 attacks [19], [23], [40]; MDK3, used to gather information [19]; and Hostapd-2.9, used to perform attacks in [20], [24], [26], and [35]. Dragondrain was used to generate attacks in [21], and the authors used MicroWalk to detect the attacks. On the other hand, some authors developed software to create attacks: [31] proposed software to perform active attacks by picking up passwords from the dictionary file and trying different passwords until they connect with the access point. [33] performed attacks by precomputing a table that converts
word encoding would prevent vulnerabilities in Dragonfly handshake.

Reference [24] showed that if an attacker is persistent enough, then SAE is vulnerable to all DoS attacks. Reference [28] proved that the SAE protocol is weak to a chosen random value attack and its extension attacks. Finally, the WPA3Fuzz strategy is used to identify the vulnerabilities in SAE and MFP against DoS attacks. To prove weakness in SAE, [34] implemented a cache attack to show that this attack is able to leak some information on the password, and [25] presented three DoS attacks that affect the availability of WPA3 networks.

Reference [44] presented a collection of side-channel vulnerabilities called Dragondoom by targeting password conversion methods in order to help attackers to recover WPA3 passwords. Owfuzz is an over-the-air fuzzing approach implemented by [47] to test all three types of WPA3 Wi-Fi frames (management, control, and data).

References [1] and [23] worked on comparing the attacks in WPA2 and WPA3, and both concluded that WPA3 can provide more security than any of its predecessors. The previous works were on the personal mode of WPA3; the effects of attacks on WPA3-transition mode are found in [12], and [22] presented the defensive power and potential impact to mitigate the risk of attacks in WPA3-enterprise mode. Reference [45] concluded that WPA3 offered higher security than WPA2, even though the CPU utilization of WPA3 is higher. Reference [46] found two attacks on Wi-Fi beacons that have an effect on the battery life of wireless devices and proved that WPA3 is still vulnerable against them.

There was a group of researchers that worked to add more security and reliability to WPA3, such as in [26], [27], [30], [32], [37], [38], [39], [40], and [41]. An Intrusion Detection System (IDS) was used in [26] and [27] to add more security to WPA3 networks, where the authors implemented a signature-based IDS to detect WPA3 attacks. In [40], authors
created a dataset that contains a small number of WPA3 attacks in order to be used later for different purposes.

TABLE 5. Articles based on WPA3 attacks.

ComPass is a protocol created by [37] to supplement WPA2/WPA3 by replacing user-selected passphrases with automatically generated ones to avoid guessing attacks. Reference [38] increased the security of WPA3 by implementing encryption techniques in the physical layer based on frequency induction for OFDM signals. The Proof of Existence (PoEx) scheme introduced in [39] is used to protect the network against Evil Twin attacks, where the authors observed that, besides protecting the network, there are improvements to the network in the lifetime forging and the network's throughput.

Reference [30] applied the Paired Token scheme to replace the Pairwise Master Key (PMK) with the one-time authenticated key establishment to deliver high performance to a larger number of clients using WPA3 networks. For the purpose of deriving a high entropy shared secret key, [32] used the standard generator for the cyclic group and proposed the Block Encryption-based Password Authenticated Diffie-Hellman Key Establishment (BEPAKE) protocol between the access point and the client. Reference [41] did an analysis to minimize the association overhead caused by key computation in WPA2 and WPA3 and proved that the beacon listen interval and channel utilization influence the wake-up delay of low-power stations.

In the end, from the previous discussion, it was shown that most of the researchers tried to test the capability of the WPA3 protocol to provide security to either personal or enterprise networks. Previous researchers tried to find a way to penetrate the WPA3 protocol by performing and creating attacks through Aircrack-ng, hostapd, Dragondrain, etc. They used software to detect attacks, such as MDK3 and MicroWalk. Most of their research was done on cutting the connection from WPA3's access point or preventing users from entering a WPA3 network. Downgrade attacks, deauthentication attacks, and DoS attacks were the major concerns for numerous researchers to provide countermeasures, as they showed the vulnerability of WPA3 against these attacks. From here, we conclude that the main issues in WPA3 are due to encryption and encoding methods, where most of the previous works tried to recommend solutions to avoid attacks related to encryption and encoding methods.

From the research that has been done, to make WPA3 more secure to use and to reduce the probability of users and networks being hacked, an improvement on WPA3 itself or on the WPA3 environment can be done, which can be summarized as follows:

• The improvement on the WPA3 protocol can be done in the way of generating the password. The previous work [36], [37] focused on generating passwords automatically to increase security. To provide more security to the WPA3 network, we believe that the WPA3 password should be generated using a computer and then changed automatically from time to time. Such action would increase the number of guesses required to crack the password, which results in reducing the probability of the network being hacked.
• The improvement of the WPA3 environment can be implemented through adding an intrusion detection system (IDS) capable of detecting and preventing attacks. The previous works [25], [26] added IDS based on knowing few attacks of WPA3. We believe that
implementing a machine learning-based IDS would allow for better detection and prevention of WPA3 attacks. Machine learning models have proved their ability through the years in different aspects of life, and so developing a machine learning model that has full awareness of WPA3 attacks would provide more reliability and security to WPA3 networks, where the model will be trained and tested on all WPA3 attacks, which will then prevent them from causing harm on the network.

Finally, despite the attacks on the WPA3 protocol, all the existing works proved the capability and ability of the WPA3 protocol to provide more security than its predecessors. More explanation of the works that focused on providing details of WPA3 attacks and how to prevent them is given in Table 5.

V. LIMITATION OF THE STUDY

This systematic literature review was conducted with a focus on selected studies on the wireless security certificate WPA3. The search process was performed using a limited number of keywords, which resulted in a limited number of selected papers that sought to purely focus on WPA3 to help researchers who want to know more about this protocol. The articles were limited to journal and conference articles between the years 2018 and 2023. Several non-relevant research articles were excluded based on our inclusion/exclusion criteria.

VI. CONCLUSION

This systematic literature review studied the wireless security certificate Wi-Fi Protected Access WPA3. Findings show that the devised systematic literature review is the first of its kind in wireless security protocols. From the research conducted, it is concluded that most of the related works on WPA3 focus on finding attacks, generating attacks, and testing how capable WPA3 is of preventing attacks. Researchers used different tools and methods to achieve their goal, such as Aircrack-ng, MDK3, Hostapd-2.9, MicroWalk, and Dragondrain. Other researchers sought to improve WPA3 by adding different approaches and methods to the wireless security protocol, such as the Intrusion Detection System, the ComPass approach, and the Paired Token scheme.

The review investigated the related studies that were published between the years 2018 and 2023. Thirty-six articles were studied to answer three research questions, and the results achieved are as follows: For RQ1, the main reason behind the release of the WPA3 protocol is to provide more security and to overcome attacks in its predecessors. The results of RQ2 show how implementing Simultaneous Authentication of Equals (SAE), which is the Dragonfly handshake process in WPA3, and Protected Management Frame (PMF) played an important role in increasing the security in WPA3. The findings of RQ3 show that despite the improvement of WPA3, there are still some attacks that WPA3 cannot prevent. In this research question, the attacks that were prevented and the attacks that were unsolved are shown. Finally, a discussion on the selected papers was addressed.

Lastly, it can be concluded that the WPA3 protocol is a recent security protocol that excels over the previous protocols. Based on this review, researchers are recommended to conduct more research on ways to improve this protocol, as follows: exploiting the capability of computer-generated passwords to work on the WPA3 protocol itself, or taking advantage of the ability of Machine Learning to build an intrusion detection model capable of detecting attacks with high accuracy and a low false alarm rate.

REFERENCES

[1] C. Kohlios and T. Hayajneh, "A comprehensive attack flow model and security analysis for Wi-Fi and WPA3," Electronics, vol. 7, no. 11, p. 284, Oct. 2018.
[2] K. Moissinac, D. Ramos, G. Rendon, and A. Elleithy, "Wireless encryption and WPA2 weaknesses," in Proc. IEEE 11th Annu. Comput. Commun. Workshop Conf. (CCWC), Jan. 2021, pp. 1007–1015.
[3] B. I. Reddy and V. Srikanth, "Review on wireless security protocols (WEP, WPA, WPA2 & WPA3)," Int. J. Scientific Res. Comput. Sci., Eng. Inf. Technol., vol. 5, pp. 28–35, Jul. 2019.
[4] I. S. Al-Mejibli and D. N. R. Alharbe, "Analyzing and evaluating the security standards in wireless network: A review study," Iraqi J. Comput. Informat., vol. 46, no. 1, pp. 32–39, Jun. 2020.
[5] D. Faíscas, "(In) security in Wi-Fi networks: A systematic review," ARIS2-Adv. Res. Inf. Syst. Secur., vol. 2, no. 2, pp. 17–23, 2022.
[6] N. K. Ojha and E. Baray, "An overview of protocols-based security threats and countermeasures in WLAN," in Proc. 4th Int. Conf. Emerg. Technol. (INCET), May 2023, pp. 1–6.
[7] B. Kitchenham and S. Charters, "Guidelines for performing Systematic Literature reviews in software engineering version 2.3," Engineering, vol. 45, no. 4, p. 1051, 2007.
[8] A. Sari and M. Karay, "Comparative analysis of wireless security protocols: WEP vs WPA," Int. J. Commun., Netw. Syst. Sci., vol. 8, no. 12, pp. 483–491, 2015.
[9] G. Mironov, "Challenges of wireless security in the healthcare field: A study on the WPA3 standard," Bachelor Degree Project, Linnaeus Univ., Sweden, 2020.
[10] M. Appel and I. S. Guenther, "WPA 3-Improvements over WPA 2 or broken again?" Network, vol. 7, pp. 1–4, Nov. 2020.
[11] M. Vanhoef and F. Piessens, "Key reinstallation attacks: Forcing nonce reuse in WPA2," in Proc. ACM SIGSAC Conf. Comput. Commun. Secur., Oct. 2017, pp. 1313–1328.
[12] E. Lamers, R. Dijksman, A. van der Vegt, M. Sarode, and C. de Laat, "Securing home Wi-Fi with WPA3 personal," in Proc. IEEE 18th Annu. Consum. Commun. Netw. Conf. (CCNC), Jan. 2021, pp. 1–8.
[13] B. Scheuermann, "Model based fuzzing of the WPA3 Dragonfly handshake," M.S. thesis, Humboldt-Universität zu Berlin, Germany, 2019.
[14] M. Vanhoef and E. Ronen, "Dragonblood: A security analysis of WPA3's SAE handshake," IACR Cryptol. ePrint Arch., vol. 2019, p. 383, Apr. 2019.
[15] D. Clarke and F. Hao, "Cryptanalysis of the dragonfly key exchange protocol," IET Inf. Secur., vol. 8, no. 6, pp. 283–289, Nov. 2014.
[16] wi-fi.org. Security | Wi-Fi Alliance. Accessed: May 18, 2020. [Online]. Available: https://www.wi-fi.org
[17] G. Sagers, "WPA3: The greatest security protocol that may never be," in Proc. Int. Conf. Comput. Sci. Comput. Intell. (CSCI), Dec. 2021, pp. 1360–1364.
[18] M. Bednarczyk and Z. Piotrowski, "Will WPA3 really provide Wi-Fi security at a higher level?" in Proc. 12th Conf. Reconnaissance Electron. Warfare Syst., Mar. 2019, pp. 369–376.
[19] M. Tigner and H. Wimmer, "Disruption and protection of online synchronous learning environments via 802.11 manipulation," in Proc. IEEE Int. IoT, Electron. Mechatronics Conf. (IEMTRONICS), Apr. 2021, pp. 1–6.
[20] K. Lounis and M. Zulkernine, "Bad-token: Denial of service attacks on WPA3," in Proc. 12th Int. Conf. Secur. Inf. Netw., Sep. 2019, pp. 1–8.
[21] M. Vanhoef and E. Ronen, "Dragonblood: Analyzing the dragonfly handshake of WPA3 and EAP-pwd," in Proc. IEEE Symp. Secur. Privacy (SP), May 2020, pp. 517–533.
[22] A. Bartoli, "Understanding server authentication in WPA3 enterprise," Appl. Sci., vol. 10, no. 21, p. 7879, Nov. 2020.
[23] E. Baray and N. K. Ojha, "'WLAN security protocols and WPA3 security approach measurement through aircrack-ng technique,'" in Proc. 5th Int. Conf. Comput. Methodolog. Commun. (ICCMC), Apr. 2021, pp. 23–30.
[24] E. Chatzoglou, G. Kambourakis, and C. Kolias, "How is your Wi-Fi connection today? DoS attacks on WPA3-SAE," J. Inf. Secur. Appl., vol. 64, Feb. 2022, Art. no. 103058.
[25] K. Lounis and M. Zulkernine, "WPA3 connection deprivation attacks," in Proc. Int. Conf. Risks Secur. Internet Syst., Hammamet, Tunisia: Springer, Oct. 2020, pp. 164–176.
[26] N. Dalal, N. Akhtar, A. Gupta, N. Karamchandani, G. S. Kasbekar, and J. Parekh, "A wireless intrusion detection system for 802.11 WPA3 networks," in Proc. 14th Int. Conf. Commun. Syst. Netw. (COMSNETS), Jan. 2022, pp. 384–392.
[27] R. Saini, D. Halder, and A. M. Baswade, "RIDS: Real-time intrusion detection system for WPA3 enabled enterprise networks," in Proc. GLOBECOM IEEE Global Commun. Conf., Dec. 2022, pp. 43–48.
[28] S. Sun, "A chosen random value attack on WPA3 SAE authentication protocol," Digit. Threats, Res. Pract., vol. 3, no. 2, pp. 1–8, Jun. 2022.
[29] K. Lounis, S. H. Ding, and M. Zulkernine, "Cut it: Deauthentication attacks on protected management frames in WPA2 and WPA3," in Proc. Int. Symp. Found. Pract. Secur. Paris, France: Springer, Dec. 2021, pp. 235–252.
[30] B. Lee, "Stateless re-association in WPA3 using paired token," Electronics, vol. 10, no. 2, p. 215, Jan. 2021.
[31] M. Patel, P. Amritha, and R. S. Jasper, "Active dictionary attack on WPA3-SAE," in Advances in Computing and Network Communications, vol. 1. Cham, Switzerland: Springer, 2021, pp. 633–641.
[32] R. C. Hansdah, J. Jamwal, and R. B. Gudivada, "Dragonshield: An authentication enhancement for mitigating side-channel attacks and high computation overhead in WPA3-SAE handshake protocol," in Proc. 23rd Int. Conf. Distrib. Comput. Netw., Jan. 2022, pp. 188–197.
[33] M. Vanhoef, "A time-memory trade-off attack on WPA3's SAE-PK," in Proc. 9th ACM ASIA Public-Key Cryptogr. Workshop, May 2022, pp. 27–37.
[34] D. De Almeida Braga, P.-A. Fouque, and M. Sabt, "Dragonblood is still leaking: Practical cache-based side-channel in the wild," in Proc. Annu. Comput. Secur. Appl. Conf., Dec. 2020, pp. 291–303.
[35] D. Schepers, A. Ranganathan, and M. Vanhoef, "On the robustness of Wi-Fi deauthentication countermeasures," in Proc. 15th ACM Conf. Secur. Privacy Wireless Mobile Netw., May 2022, pp. 245–256.
[36] S. Marais, M. Coetzee, and F. Blauw, "Simultaneous deauthentication of equals attack," in Proc. Int. Conf. Secur., Privacy Anonymity Comput., Commun. Storage. Nanjing, China: Springer, Dec. 2020, pp. 545–556.
[37] K. Reaz and G. Wunder, "ComPass: Proximity aware common passphrase agreement protocol for Wi-Fi devices using physical layer security," in Proc. Int. Conf. Innov. Mobile Internet Services Ubiquitous Comput. Cham, Switzerland: Springer, 2022, pp. 263–275.
[38] M. Jacovic, K. Juretus, N. Kandasamy, I. Savidis, and K. R. Dandekar, "Physical layer encryption for wireless OFDM communication systems," J. Hardw. Syst. Secur., vol. 4, no. 3, pp. 230–245, Sep. 2020.
[39] K. Murugesan, K. K. Thangadorai, and V. N. Muralidhara, "PoEx: Proof of existence for evil twin attack prevention in Wi-Fi personal networks," in Proc. 8th Int. Conf. Future Internet Things Cloud (FiCloud), Aug. 2021, pp. 92–98.
[40] E. Chatzoglou, G. Kambourakis, and C. Kolias, "Empirical evaluation of attacks against IEEE 802.11 enterprise networks: The AWID3 dataset," IEEE Access, vol. 9, pp. 34188–34205, 2021.
[41] V. K. Ramanna, J. Sheth, S. Liu, and B. Dezfouli, "Towards understanding and enhancing association and long sleep in low-power WiFi IoT systems," IEEE Trans. Green Commun. Netw., vol. 5, no. 4, pp. 1833–1845, Dec. 2021.
[42] S. Kwon and H.-K. Choi, "Evolution of Wi-Fi protected access: Security challenges," IEEE Consum. Electron. Mag., vol. 10, no. 1, pp. 74–81, Jan. 2021.
[43] S. Lindroos, A. Hakkala, and S. Virtanen, "The COVID-19 pandemic and remote working did not improve WLAN security," Proc. Comput. Sci., vol. 201, pp. 158–165, Jan. 2022.
[44] D. De Almeida Braga, N. Kulatova, M. Sabt, P.-A. Fouque, and K. Bhargavan, "From dragondoom to dragonstar: Side-channel attacks and formally verified implementation of WPA3 dragonfly handshake," in Proc. IEEE 8th Eur. Symp. Secur. Privacy (EuroS&P), Jul. 2023, pp. 707–723, doi: 10.1109/EuroSP57164.2023.00048.
[45] D. Cahyadi, I. F. Astuti, and N. Nazaruddin, "Comparison of throughput and CPU usage between WPA3 and WPA2 security methods on wireless networks 802.11 N," AIP Conf. Proc., vol. 2482, no. 1, 2023, Art. no. 030006.
[46] A. Raj and Dr. S. Sankaran, "Battery drain using WiFi beacons," in Proc. 11th Int. Symp. Digit. Forensics Secur. (ISDFS), May 2023, pp. 1–6.
[47] H. Cao, L. Huang, S. Hu, S. Shi, and Y. Liu, "Owfuzz: Discovering Wi-Fi flaws in modern devices through over-the-air fuzzing," in Proc. 16th ACM Conf. Secur. Privacy Wireless Mobile Netw., May 2023, pp. 263–273.

ASMAA HALBOUNI (Graduate Student Member, IEEE) received the B.Eng. degree in telecommunication engineering from An-Najah National University, Palestine, and the M.Sc. degree in computer and information engineering from International Islamic University Malaysia, Malaysia. Currently, she is pursuing the Ph.D. degree in information technology with Multimedia University, Malaysia. Her research interests include intrusion detection, network security, and deep learning.

LEE-YENG ONG (Senior Member, IEEE) received the M.Eng.Sc. and Ph.D. degrees in computer vision from Multimedia University, Malaysia, in 2009 and 2020, respectively. She is currently a Senior Lecturer with the Faculty of Information Science and Technology, Multimedia University. Her research interests include image processing, data science, and big data analytics.

MENG-CHEW LEOW (Senior Member, IEEE) received the Doctor of Philosophy degree from Multimedia University. His research interests include game-based learning, specifically in role-playing game-based learning, system science, practical spirituality, and philosophy.
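
The Discussion recommends adding an intrusion detection system to the WPA3 environment and notes signature-based IDS work alongside DoS attacks on SAE and deauthentication attacks. The sketch below is an added example, not code from the paper or from any cited work: a small signature-based detector run over a constructed frame log. The `Frame` record, its `pmf_ok` field, the thresholds, and all addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass
MGMT_AUTH, MGMT_DEAUTH = 11, 12    # 802.11 management frame subtypes
AUTH_ALG_SAE, SAE_COMMIT = 3, 1    # auth algorithm 3 is SAE; transaction 1 is Commit

@dataclass(frozen=True)
class Frame:                       # hypothetical record emitted by a monitor-mode sensor
    ts_ms: int
    subtype: int
    src: str
    bssid: str
    auth_alg: int = 0
    auth_seq: int = 0
    pmf_ok: bool = False           # assumed: sensor marks frames that carry valid PMF protection

class SignatureIDS:
    """Per-BSSID rate signatures; the thresholds are illustrative assumptions."""
    def __init__(self, window_ms=1000, commit_sources=5, deauth_frames=4):
        self.window_ms, self.commit_sources, self.deauth_frames = window_ms, commit_sources, deauth_frames
        self.commits = defaultdict(deque)   # bssid -> (ts_ms, src) of SAE Commit frames
        self.deauths = defaultdict(deque)   # bssid -> (ts_ms, src) of unprotected deauths
        self.active = set()                 # signatures currently firing (edge trigger)
        self.alerts = []

    def _push(self, queue, frame):
        queue.append((frame.ts_ms, frame.src))
        while frame.ts_ms - queue[0][0] > self.window_ms:
            queue.popleft()                 # drop entries older than the window

    def _report(self, name, frame, firing):
        key = (name, frame.bssid)
        if not firing:
            self.active.discard(key)        # re-arm once the rate falls back
        elif key not in self.active:        # one alert per episode, not per frame
            self.active.add(key)
            self.alerts.append((name, frame.bssid, frame.ts_ms))

    def feed(self, f):                      # frames must arrive in capture order
        if (f.subtype, f.auth_alg, f.auth_seq) == (MGMT_AUTH, AUTH_ALG_SAE, SAE_COMMIT):
            self._push(self.commits[f.bssid], f)
            distinct = len({src for _, src in self.commits[f.bssid]})
            self._report("SAE_COMMIT_FLOOD", f, distinct >= self.commit_sources)
        elif f.subtype == MGMT_DEAUTH and not f.pmf_ok:
            self._push(self.deauths[f.bssid], f)
            burst = len(self.deauths[f.bssid]) >= self.deauth_frames
            self._report("UNPROTECTED_DEAUTH_BURST", f, burst)

AP = "02:00:00:00:00:01"                    # constructed, locally administered address

def sample_frames():
    """Constructed capture: two normal joins, a Commit flood, one valid and five bare deauths."""
    frames = [Frame(0, MGMT_AUTH, "02:00:00:00:10:01", AP, AUTH_ALG_SAE, SAE_COMMIT),
              Frame(40, MGMT_AUTH, "02:00:00:00:10:01", AP, AUTH_ALG_SAE, 2),   # Confirm
              Frame(5000, MGMT_AUTH, "02:00:00:00:10:02", AP, AUTH_ALG_SAE, SAE_COMMIT)]
    frames += [Frame(10000 + 50 * i, MGMT_AUTH, f"02:00:00:00:aa:{i:02x}", AP,
                     AUTH_ALG_SAE, SAE_COMMIT) for i in range(8)]
    frames.append(Frame(20000, MGMT_DEAUTH, AP, AP, pmf_ok=True))
    frames += [Frame(30000 + 100 * i, MGMT_DEAUTH, AP, AP) for i in range(5)]
    return frames

def run(frames):
    ids = SignatureIDS()
    for frame in frames:
        ids.feed(frame)
    return ids.alerts
```

Calling `run(sample_frames())` returns one alert per episode. The edge trigger matters in practice because a flood otherwise produces one alert per frame.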