Demystifying security choices: Wi-Fi 6 and 5G
July 21, 2020 by The Beacon
Daily life has moved online. This trend has been increasing year-by-year, with the global pandemic accelerating the need for people to spend more time online as they work from home, stay informed and connected to friends and family, and entertainment. Increased global online presence is driving many individuals and organizations to consider upgrading their wireless experience and network security. Two dominant technologies, Wi-Fi 6 and 5G, address most wireless use cases. Wi-Fi 6 began ushering in a new generation of Wi-Fi® connectivity in 2019 and 5G continues its phased rollout approach. Largely unknown to those looking to improve their wireless communications experience: is one more secure than the other? The short answer is that both technologies provide similar levels of security.
Cisco recently published a paper that explores the evolution of cellular and Wi-Fi security over the last two decades and addresses common misunderstandings. While to some there is an assumption that cellular provides greater security than Wi-Fi, Cisco’s position is that “Wi-Fi 6 and 5G both provide the security features necessary to serve as the basis of secure wireless communications, together and separately, well into the next decade1.”
Wi-Fi 6 and 5G security should not be positioned against each other
Throughout the twenty-plus year history of Wi-Fi and cellular, each technology has evolved and improved in a variety of ways, including the ways in which they secure user data and connections. Both technologies satisfy a wide variety of use cases and provide comparable, high levels of security, including better encryption and authentication mechanisms. The differences are in how they each go about providing security.
New and emerging connectivity needs must be balanced with how to best secure data and connections. The Cisco paper explains that goals for 5G include increased architectural flexibility and as such, security protocols and deployment models similar to those of Wi-Fi.
Wi-Fi has historically focused on over-the-air security, maintaining the flexibility to be deployed in a wide range of architectures, covering use cases and business models not historically supported by cellular models. Cellular security has focused on end-to-end security, accepting less flexibility via use of a more closed system with SIM cards. To meet its goals in the Industrial Internet of Things (IIoT) Cisco notes that 5G is transitioning to an increasingly flexible architecture – often based on mechanisms used by Wi-Fi – such as the Extensible Authentication Protocol (EAP) framework that was first adopted by Wi-Fi for WPA-Enterprise in 2002.
Source: Cisco 2020
These changes to 5G architecture and the WPA3™ security required in Wi-Fi CERTIFIED 6™ devices, mean that 5G and Wi-Fi 6 security are effectively equivalent. Cisco even posits that the introduction of 192-bit equivalent security option for WPA3 “arguably puts Wi-Fi 6 slightly ahead in the short term.”
Wi-Fi 6 security options
Wi-Fi Alliance® introduced Wi-Fi CERTIFIED WPA3™ and Wi-Fi CERTIFIED Enhanced Open™ to address current and emerging scenarios to ensure secure Wi-Fi deployments. Wi-Fi supports a much wider range of use cases from the local coffee shop coverage to government-class security needs. Wi-Fi Alliance brings a variety of options to secure Wi-Fi networks:
- Wi-Fi CERTIFIED WPA3: uses the latest security methods and requires Protected Management Frames (PMF) for all network types, with specific certifications available for personal, enterprise, and highly sensitive networks. WPA3 became required for all new Wi-Fi CERTIFIED™ devices 1 July 2020.
- Wi-Fi CERTIFIED Enhanced Open: provides data encryption to users in scenarios where it is not feasible to deploy and manage a password protected network.
Network administrators can use Wi-Fi 6 networks to provide additional security mechanisms beyond WPA3 and Wi-Fi Enhanced Open. For instance, third party software and other security tools can be implemented to fine-tune policies and add layers of protection to Wi-Fi networks.
Wi-Fi security is always evolving
Wi-Fi Alliance continually develops and evolves the Wi-Fi Protected Access® program requirements. Having established that Wi-Fi 6 and 5G are complementary technologies that represent excellent connectivity choices with roughly equivalent security, Cisco identifies the next area for wireless communications security teams to tackle: system information messages, such as beacons. Wi-Fi Alliance is already developing a beacon protection feature for an upcoming WPA3 update.
Consumers, businesses, and institutions everywhere will benefit from the advancements of Wi‑Fi 6 and 5G. Both technologies will work in concert to provide better user experiences and equivalent security, nearly everywhere. The latest generation of Wi-Fi security is in place now and with the new requirement to include WPA3 in all new Wi-Fi CERTIFIED devices, Wi-Fi is even better suited to ensure the security needs of consumers and businesses. Wi-Fi will not stand still – it will continue to evolve capabilities to protect user data and keep pace with developments in the security landscape to ensure it continues to meet and exceed the needs of wireless networks now, and in the future.
1Cisco 2020 paper entitled “Examining the Security of Wi-Fi 6 and 5G”