Davej wrote:

So WPA2 is broken and WPA3 will probably require new hardware? Why
can't they at least generate a firmware "band-aid" for WPA2 ?

None of the articles I've looked at so far, have the
level of detail needed to hazard a guess.

https://spectrum.ieee.org/tech-talk/...now-about-wpa3

The design has a control plane and a datapath.

The control plane can be run entirely with a
low-end microcontroller (CPU) in the MAC. This
was added in the last ten years, to support
"keep-alive" protocol when the computer sleeps,
or to support the Wifi version of WOL. It's not
allowed to use a lot of electricity, because
it would affect battery life on laptops or smartphones.

If the WPA3 changes were a few changes to handshake
protocols at the packet level (i.e. control plane),
the MAC CPU could do that.

However, if any of the AES crypto requires modification,
even to change from CBC to something else, the MAC
processor could never encrypt the entire data flow
on its own. Your 802.11AC dongle would end up running
packets at 802.11b rates, and you'd be ****ed and
asking what they were thinking.

My experience with this kind of hardware is,
customers are pretty unforgiving about "lack of wire speed"
on their hardware. If your proposed firmware solution
ran 5% slower, there'd be a customer to complain
about it.

Buying all new hardware is good for the bottom line.
Making the decision all that much easier at a Wifi company.
I don't think you needed me to mention that :-)

Every person on that standards committee has a
"bottom line", so it wouldn't take too much of a
deviation from WPA2 for them to see $dollar signs
when all is said and done.

Paul