Leave a Comment / By /

Chapter 43: WiFi WPA3 Security with ESP-IDF

Chapter Objectives

By the end of this chapter, you will be able to:

  • Understand the limitations of WPA2 and the key motivations for the development of WPA3.
  • Describe the core features and benefits of WPA3-Personal, including Simultaneous Authentication of Equals (SAE).
  • Explain how SAE provides robust protection against offline dictionary attacks and enhances key exchange security.
  • Understand the concept of Protected Management Frames (PMF) and its mandatory role in WPA3.
  • Describe the enhancements WPA3-Enterprise offers, including its alignment with 192-bit security suites.
  • Configure the ESP32 to connect to a WPA3-Personal (SAE) network using ESP-IDF.
  • Discuss WPA3 transition modes (WPA2/WPA3 mixed mode) and their implications.
  • Identify which ESP32 variants support WPA3 and any specific configuration requirements.
  • Troubleshoot common issues when connecting ESP32 devices to WPA3 networks.

Introduction

In our journey through WiFi connectivity, we’ve extensively used WPA2-Personal and WPA2-Enterprise, which have been the stalwarts of WiFi security for over a decade. However, as technology evolves, so do threats. Vulnerabilities like KRACK (Key Reinstallation Attacks) exposed weaknesses in WPA2, and its reliance on a single Pre-Shared Key (PSK) in personal mode makes it susceptible to offline dictionary attacks if the PSK is weak.

To address these and other emerging security challenges, the Wi-Fi Alliance introduced WPA3 in 2018. WPA3 represents the next generation of WiFi security, offering significant enhancements for both personal and enterprise networks. It aims to simplify WiFi security, enable more robust authentication, and provide increased cryptographic strength. For IoT devices like the ESP32, which are increasingly deployed in diverse environments, understanding and implementing WPA3 is crucial for building secure and future-proof connected applications. This chapter will explore the technical details of WPA3 and guide you through configuring your ESP32 to leverage its advanced security features.

Theory

WPA3 Overview: Addressing WPA2’s Shortcomings

WPA3 was designed to address several key limitations of WPA2:

  1. Offline Dictionary Attacks (WPA2-Personal): If an attacker captures the WPA2-Personal 4-way handshake, they can perform an offline brute-force attack to guess the PSK. WPA3-Personal replaces the PSK with Simultaneous Authentication of Equals (SAE), mitigating this risk.
  2. Lack of Forward Secrecy (WPA2-Personal): If the WPA2 PSK is compromised, past encrypted traffic (if captured) could potentially be decrypted. WPA3-Personal (SAE) provides forward secrecy.
  3. Vulnerability to KRACK: WPA3 incorporates measures to protect against key reinstallation attacks.
  4. Management Frame Protection: WPA2 made Protected Management Frames (PMF, IEEE 802.11w) optional. WPA3 mandates PMF, protecting against deauthentication and disassociation attacks.
  5. Ease of Use vs. Security for Open Networks: WPA3 introduces Wi-Fi Enhanced Open™ (OWE) to provide encrypted connections on open (non-password-protected) networks, replacing unencrypted open networks.

WPA3 comes in two main flavors: WPA3-Personal and WPA3-Enterprise, along with Wi-Fi Enhanced Open™.

WPA2 Shortcoming / Vulnerability WPA3 Solution / Enhancement Impact of WPA3 Solution
Offline Dictionary Attacks (WPA2-Personal): Attacker captures 4-way handshake and brute-forces PSK offline. Simultaneous Authentication of Equals (SAE) for WPA3-Personal. Prevents offline dictionary attacks by making each authentication attempt unique and interactive. Compromising one session doesn’t reveal the password.
Lack of Forward Secrecy (WPA2-Personal): If PSK is compromised, past captured traffic could be decrypted. SAE provides Forward Secrecy. Even if the main password is compromised later, past session keys (and thus past traffic) remain secure.
Vulnerability to KRACK (Key Reinstallation Attacks): Weaknesses in the 4-way handshake. Robust handshake mechanisms in SAE and overall WPA3 protocol hardening. Protects against key reinstallation attacks, ensuring session keys are not compromised.
Optional Protected Management Frames (PMF): Management frames (deauth, disassoc) could be spoofed. Mandatory PMF (IEEE 802.11w) for both WPA3-Personal and WPA3-Enterprise. Protects against deauthentication and disassociation attacks by ensuring integrity and authenticity of management frames. Increases network resilience.
Unencrypted Open Networks: Traditional open Wi-Fi networks offer no privacy. Wi-Fi Enhanced Open™ (OWE). Provides individualized encryption for users on public/open networks without requiring a password, preventing passive eavesdropping.
Enterprise Security Consistency: WPA2-Enterprise was robust but WPA3 aims for even higher standards. WPA3-Enterprise enhancements, including optional 192-bit security mode. Offers stronger cryptographic suites for environments with very high security demands, aligning with CNSA standards. Ensures consistent high security with mandatory PMF.

WPA3-Personal: Robust Security for Individuals

WPA3-Personal is designed for home users and small businesses, offering significantly improved security over WPA2-Personal. Its cornerstone is Simultaneous Authentication of Equals (SAE).

1. Simultaneous Authentication of Equals (SAE)

SAE, also known as “Dragonfly Key Exchange,” is a password-authenticated key agreement protocol. It replaces the Pre-Shared Key (PSK) exchange mechanism of WPA2-Personal.

  • How it Works: Instead of directly exchanging the password (or a hash of it) during the handshake, SAE uses the password to derive cryptographic elements that are then used in a secure key exchange protocol (specifically, a variant of the Dragonfly handshake, which is based on elliptic curve cryptography).
  • Both Sides are Equal: Both the client (ESP32) and the Access Point (AP) must know the same password. They independently perform cryptographic operations using this password. If the passwords match, they will derive the same session key without ever transmitting the password itself or data that could directly lead to its offline cracking through a simple dictionary attack on a captured handshake.
  • Resistance to Offline Dictionary Attacks: Even if an attacker captures the SAE handshake frames, they cannot perform an offline dictionary attack to find the password. Each guess would require a new interactive attempt with the AP or client, making brute-force attacks computationally infeasible. The handshake is unique each time.
  • Forward Secrecy: SAE provides forward secrecy. If the password is compromised at a later date, previously captured SAE-encrypted traffic cannot be decrypted because the session keys are unique to each session and are not derivable from the password alone after the session.
  • Password Element (PWE): The password is used to generate a Password Element (PWE), which is a point on an elliptic curve. This PWE is a key input to the SAE handshake.
SAE Feature Description Security Benefit
Password-Authenticated Key Exchange Uses the password to derive cryptographic elements for a secure key exchange (Dragonfly handshake) rather than directly using/exchanging the password or its hash. The password itself is never transmitted, nor is data that can be used for simple offline dictionary attacks on a captured handshake.
Resistance to Offline Dictionary Attacks Each SAE handshake attempt is unique. An attacker capturing handshake frames cannot perform offline brute-force attacks on the password. Each guess would require a new, live interaction. Massively increases the difficulty of cracking weak passwords compared to WPA2-PSK.
Forward Secrecy Session keys derived during the SAE handshake are unique to that session and not directly derivable from the long-term password if it’s later compromised. Protects past communications. Even if an attacker obtains the network password in the future, they cannot decrypt previously captured WPA3-SAE traffic.
Protection Against Replay Attacks The SAE handshake incorporates nonces (random numbers) and other mechanisms to ensure that captured “Commit” messages cannot be replayed to impersonate a client or AP. Ensures freshness of the authentication exchange, preventing attackers from reusing old handshake data.
Elliptic Curve Cryptography (ECC) SAE typically uses ECC for its key exchange, providing strong security with relatively shorter key lengths compared to traditional Diffie-Hellman. Efficient and strong cryptographic foundation for the key exchange.
Mandatory PMF Integration WPA3-Personal (which uses SAE) mandates Protected Management Frames. While PMF is a separate mechanism, its mandatory use with SAE further hardens the network against attacks like deauthentication/disassociation. 
%%{ init: { 'theme': 'base', 'themeVariables': { 
    'fontFamily': 'Open Sans',
    'primaryColor': '#DBEAFE', 
    'primaryBorderColor': '#2563EB',
    'primaryTextColor': '#1E40AF',
    'lineColor': '#5B21B6',
    'textColor': '#1F2937'
} } }%%
sequenceDiagram
    actor Client as Client (ESP32)
    actor AP as Access Point (Router)
    participant C_Crypto as Client Crypto Ops
    participant AP_Crypto as AP Crypto Ops

    note over Client, AP: Both know the same password (e.g., "mySecurePassword")

    Client->>C_Crypto: Derive PWE (Password Element)<br>from password
    activate C_Crypto
    C_Crypto-->>Client: PWE_C
    deactivate C_Crypto

    AP->>AP_Crypto: Derive PWE (Password Element)<br>from password
    activate AP_Crypto
    AP_Crypto-->>AP: PWE_AP
    deactivate AP_Crypto

    note over Client: Generates random values, prepares Commit message
    Client->>AP: SAE Commit Message (contains crypto elements based on PWE_C, nonces)

    activate AP
    AP->>AP_Crypto: Verify Client's Commit msg<br>using PWE_AP & Client's elements
    activate AP_Crypto
    AP_Crypto-->>AP: Verification Result
    deactivate AP_Crypto
    
    alt Client Commit OK
        note over AP: Generates random values, prepares own Commit message
        AP->>Client: SAE Commit Message (contains crypto elements based on PWE_AP, nonces)

        activate Client
        Client->>C_Crypto: Verify AP's Commit msg<br>using PWE_C & AP's elements
        activate C_Crypto
        C_Crypto-->>Client: Verification Result
        deactivate C_Crypto

        alt AP Commit OK
            Client->>C_Crypto: Compute shared PMK (Pairwise Master Key)
            activate C_Crypto
            C_Crypto-->>Client: PMK_C
            deactivate C_Crypto
            
            AP->>AP_Crypto: Compute shared PMK
            activate AP_Crypto
            AP_Crypto-->>AP: PMK_AP (should match PMK_C)
            deactivate AP_Crypto

            note over Client, AP: PMK derived successfully! Password is not exchanged.
            note over Client, AP: Proceed to 4-Way Handshake using this PMK to derive session keys (PTK, GTK).
        else AP Commit Invalid
            Client->>Client: SAE Handshake Failed (AP Commit Invalid)
        end
        deactivate Client
    else Client Commit Invalid
        AP->>AP: SAE Handshake Failed (Client Commit Invalid)
    end
    deactivate AP

2. Transition Mode (WPA2/WPA3 Mixed Mode)

To facilitate the rollout of WPA3, APs can operate in a “transition mode” (often denoted as WPA2/WPA3-Personal or WPA2-PSK + WPA3-SAE). In this mode:

  • The AP advertises support for both WPA2-PSK and WPA3-SAE.
  • WPA3-capable clients (like a correctly configured ESP32) will connect using WPA3-SAE.
  • Legacy WPA2-only clients will connect using WPA2-PSK.While this mode offers backward compatibility, the security level for WPA2 clients remains that of WPA2. True WPA3 benefits are only realized when both client and AP use WPA3.

WPA3-Enterprise: Enhanced Security for Organizations

WPA3-Enterprise builds upon WPA2-Enterprise, strengthening security for larger networks.

Feature Enhancement in WPA3-Enterprise Description Compared to WPA2-Enterprise
Core Authentication Mechanism Continues to use IEEE 802.1X with EAP methods (e.g., EAP-TLS, EAP-PEAP, EAP-TTLS) and a RADIUS server. Fundamentally the same robust authentication framework. WPA3 builds upon this trusted base.
Protected Management Frames (PMF) PMF (IEEE 802.11w) is mandatory. In WPA2-Enterprise, PMF was optional, leading to inconsistent protection against management frame attacks. Mandatory PMF significantly improves resilience.
Optional 192-bit Security Mode Offers an optional mode aligning with CNSA (Commercial National Security Algorithm) suite, providing 192-bit equivalent cryptographic strength. This involves stronger ciphers (e.g., AES-256-GCMP) and elliptic curves (e.g., 384-bit ECC). WPA2-Enterprise typically operated with 128-bit strength ciphers (AES-128-CCMP). The 192-bit mode offers a higher security level for sensitive environments.
Transition Modes APs can operate in mixed WPA2/WPA3-Enterprise modes to support legacy clients. Similar concept to WPA2/WPA3-Personal transition, allowing gradual migration. WPA3 benefits are fully realized when both client and network are WPA3.
Overall Security Posture Strengthened due to mandatory PMF and the option for higher cryptographic suites. Provides a more consistent and higher baseline of security than WPA2-Enterprise deployments, which could vary based on PMF adoption.
  • Authentication: It continues to use IEEE 802.1X for authentication with EAP methods (as discussed in Chapter 42, e.g., EAP-TLS, EAP-PEAP, EAP-TTLS) and a RADIUS server. The core EAP mechanisms remain the same.
  • Mandatory Protected Management Frames (PMF): Unlike WPA2-Enterprise where PMF was optional, WPA3-Enterprise mandates PMF. This provides stronger protection for management frames against eavesdropping and forgery, preventing attacks like deauthentication/disassociation floods.
  • Optional 192-bit Security Mode: WPA3-Enterprise offers an optional mode that aligns with the Commercial National Security Algorithm (CNSA) suite, using 192-bit equivalent cryptographic strength. This involves:
    • Authentication and Key Management (AKM) using specific EAP methods that support higher strength ciphers.
    • Stronger elliptic curves (e.g., 384-bit ECC).
    • Advanced Encryption Standard (AES) with Galois/Counter Mode Protocol (GCMP) using 256-bit keys (AES-256-GCMP) for data confidentiality.
    • SHA-384 for hashing.This mode is for environments with very high security requirements. ESP32 support for this specific 192-bit mode depends on the capabilities of its cryptographic hardware accelerators and the ESP-IDF crypto libraries.

Protected Management Frames (PMF / IEEE 802.11w)

PMF is a critical component of WPA3 (both Personal and Enterprise).

Aspect of PMF (IEEE 802.11w) Description Relevance to WPA3
Purpose To protect unicast and multicast robust management frames from forgery and eavesdropping. These frames are critical for maintaining network connectivity and state. Enhances overall network resilience and security by preventing common disruption attacks.
Frames Protected Key management frames include:
– Disassociation frames
– Deauthentication frames
– Robust Action frames (e.g., those related to radio resource management, QoS, etc.)		 Protects against attackers spoofing these frames to forcibly disconnect clients or disrupt network operations.
How it Works (Simplified) Uses cryptographic mechanisms (derived from the session keys established during authentication) to add integrity protection (e.g., a Message Integrity Code – MIC) and optionally encryption to management frames. Ensures that management frames originate from a legitimate source (AP or authenticated client) and have not been tampered with.
WPA2 Status Optional. Support and enforcement varied across devices and networks. Led to inconsistent protection levels.
WPA3 Requirement Mandatory for both WPA3-Personal and WPA3-Enterprise. Provides a consistent and higher baseline of security for all WPA3 connections.
ESP-IDF Configuration Managed via the pmf_cfg member (of type wifi_pmf_config_t) within wifi_config_t.sta.
capable: Device supports PMF.
required: Device requires PMF for connection.		 For WPA3, both capable and required should typically be set to true on the ESP32.

Wi-Fi Enhanced Open™ (OWE)

While not the primary focus for password-protected networks, it’s worth noting that WPA3 also introduced Wi-Fi Enhanced Open™ (Opportunistic Wireless Encryption – OWE).

  • Purpose: Provides encryption for public, open WiFi networks (like those in cafes or airports) without requiring users to enter a password.
  • How it works: Uses an unauthenticated Diffie-Hellman key exchange during association to establish an encrypted connection for each client individually. This prevents passive eavesdropping, which is a major issue with traditional open networks.
  • ESP-IDF supports OWE via the WIFI_AUTH_OWE authmode.

WPA3 Support in ESP-IDF

ESP-IDF provides support for WPA3-Personal (SAE) and WPA3-Enterprise.

  • Kconfig Options: You need to enable WPA3 support in menuconfig:
    • Component config -> Wi-Fi -> Enable WPA3-Personal (SAE) support (CONFIG_ESP_WIFI_ENABLE_WPA3_SAE).
    • For WPA3-Enterprise, ensure WPA2-Enterprise support is enabled (CONFIG_ESP_WIFI_WPA2_ENT_SUPPORT), as WPA3-Enterprise builds upon it. PMF settings are key.
  • Authentication Modes: The wifi_auth_mode_t enumeration in esp_wifi_types.h includes:
    • WIFI_AUTH_WPA3_PSK: For connecting to a WPA3-Personal (SAE only) network.
    • WIFI_AUTH_WPA2_WPA3_PSK: For connecting to a network in WPA2/WPA3-Personal transition mode. The ESP32 will attempt WPA3-SAE first, then fall back to WPA2-PSK if SAE fails or is not supported by the AP for that connection attempt.
    • For WPA3-Enterprise, you would typically use the same EAP methods as WPA2-Enterprise (e.g., WIFI_AUTH_WPA2_ENTERPRISE), but the AP and RADIUS server must be configured for WPA3-Enterprise, and PMF must be enabled and often required on the ESP32.
ESP-IDF Setting Value / Option Description & Usage for WPA3
Kconfig Option
(menuconfig)		 CONFIG_ESP_WIFI_ENABLE_WPA3_SAE Enables overall support for WPA3-Personal (SAE) in the WiFi driver. Must be enabled to use SAE-related authmodes. Found under Component config -> Wi-Fi.
CONFIG_ESP_WIFI_WPA2_ENT_SUPPORT Enables support for WPA2/WPA3 Enterprise authentication (EAP methods). Required for WPA3-Enterprise as it builds upon WPA2-Enterprise mechanisms. Found under Component config -> ESP NETIF Adapter.
Authentication Mode
(wifi_config.sta.threshold.authmode of type wifi_auth_mode_t)		 WIFI_AUTH_WPA3_PSK For connecting to a WPA3-Personal network that only supports SAE. ESP32 will only attempt SAE. PMF should be enabled and required.
WIFI_AUTH_WPA2_WPA3_PSK For connecting to a WPA3-Personal network operating in WPA2/WPA3 mixed mode. The ESP32 will attempt WPA3-SAE first; if that fails or is not advertised for the connection, it may fall back to WPA2-PSK. This is often the most compatible option for mixed environments. PMF should be enabled.
WIFI_AUTH_WPA2_ENTERPRISE Used for WPA3-Enterprise connections. The ESP32, configured with this mode and appropriate EAP settings (Chapter 42), will negotiate WPA3-Enterprise parameters if the AP supports it. Crucially, PMF must be enabled and set to required in wifi_config.sta.pmf_cfg.
PMF Configuration
(wifi_config.sta.pmf_cfg)		 .capable = true
.required = true		 Indicates the ESP32 supports PMF and requires it for the connection. This is the standard setting for WPA3 connections (both Personal and Enterprise).
Wi-Fi Enhanced Open™
(wifi_config.sta.threshold.authmode)		 WIFI_AUTH_OWE For connecting to open networks that use Opportunistic Wireless Encryption (OWE), a feature introduced alongside WPA3 for enhanced privacy on public networks.

Practical Examples

Example 1: Connecting to a WPA3-Personal (SAE) Network

This example demonstrates how to configure the ESP32 to connect to a WiFi network secured with WPA3-Personal (SAE).

Prerequisites:

  1. An ESP32 development board.
  2. ESP-IDF v5.x installed and configured in VS Code.
  3. A WiFi Access Point configured for WPA3-Personal (SAE) or WPA2/WPA3-Personal mixed mode.
  4. The SSID and password for the WPA3 network.

1. Project Setup & Configuration:

  • Create a new ESP-IDF project or use a copy of a basic WiFi station example.
  • Run idf.py menuconfig:
    • Navigate to Component config -> Wi-Fi.
    • Ensure WiFi Station Enable is checked.
    • Enable Enable WPA3-Personal (SAE) support (CONFIG_ESP_WIFI_ENABLE_WPA3_SAE).
    • Save and exit menuconfig.

2. Code Implementation:

%%{ init: { 'theme': 'base', 'themeVariables': { 
    'fontFamily': 'Open Sans',
    'primaryColor': '#DBEAFE', /* Light Blue for process nodes */
    'primaryBorderColor': '#2563EB',
    'primaryTextColor': '#1E40AF',
    'lineColor': '#5B21B6', /* Purple for lines */
    'textColor': '#1F2937',
    'startNodeFill': '#EDE9FE', 'startNodeStroke': '#5B21B6', 'startNodeColor': '#5B21B6',
    'endNodeFill': '#D1FAE5', 'endNodeStroke': '#059669', 'endNodeColor': '#065F46',
    'checkNodeFill': '#FEE2E2', 'checkNodeStroke': '#DC2626', 'checkNodeColor': '#991B1B'
} } }%%
graph TD
    A(Start WPA3-SAE Setup):::startNode --> B(Initialize NVS);
    class B processNode;
    B --> C("Initialize TCP/IP Stack & Event Loop<br><i>esp_netif_init()</i>, <i>esp_event_loop_create_default()</i>");
    class C processNode;
    C --> D("Create Default WiFi STA netif<br><i>esp_netif_create_default_wifi_sta()</i>");
    class D processNode;
    D --> E("Initialize WiFi Driver<br><i>esp_wifi_init(&cfg_default)</i>");
    class E processNode;
    E --> F("Register WiFi & IP Event Handlers");
    class F processNode;

    F --> G("Define `wifi_config_t`");
    class G processNode;
    G -- Set SSID --> G_SSID("<code class="code-mermaid">.sta.ssid = <b>YOUR_WPA3_SSID</b></code>");
    G -- Set Password --> G_PASS("<code class="code-mermaid">.sta.password = <b>YOUR_WPA3_PASSWORD</b></code>");
    G -- Set Auth Mode --> G_AUTH("<code class="code-mermaid">.sta.threshold.authmode = WIFI_AUTH_WPA3_PSK</code><br>or <code class="code-mermaid">WIFI_AUTH_WPA2_WPA3_PSK</code>");
    G -- Configure PMF --> G_PMF("<code class="code-mermaid">.sta.pmf_cfg.capable = true</code><br><code class="code-mermaid">.sta.pmf_cfg.required = true</code>");
    
    subgraph WiFi Configuration
        direction LR
        G_SSID; G_PASS; G_AUTH; G_PMF;
    end

    G_PMF --> H("Set WiFi Mode to STA<br><i>esp_wifi_set_mode(WIFI_MODE_STA)</i>");
    class H processNode;
    H --> I("Set WiFi Configuration<br><i>esp_wifi_set_config(WIFI_IF_STA, &wifi_config)</i>");
    class I processNode;
    I --> J("Start WiFi Driver<br><i>esp_wifi_start()</i>");
    class J processNode;
    J --> K{"Event Handler calls <i>esp_wifi_connect()</i><br>on WIFI_EVENT_STA_START"};
    class K processNode;
    K --> L("ESP32 Attempts SAE Handshake..."):::endNode;

    J -- Error --> ErrStart("Handle <i>esp_wifi_start</i> Error"):::checkNode;
    I -- Error --> ErrConf("Handle <i>esp_wifi_set_config</i> Error"):::checkNode;

    style A fill:#EDE9FE,stroke:#5B21B6,color:#5B21B6;
    style L fill:#D1FAE5,stroke:#059669,color:#065F46;
    style ErrStart fill:#FEE2E2,stroke:#DC2626,color:#991B1B;
    style ErrConf fill:#FEE2E2,stroke:#DC2626,color:#991B1B;
C
// main.c
#include <stdio.h>
#include <string.h>
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/event_groups.h"
#include "esp_system.h"
#include "esp_wifi.h"
#include "esp_event.h"
#include "esp_log.h"
#include "nvs_flash.h"
#include "esp_netif.h"

static const char *TAG = "WPA3_SAE_EXAMPLE";

// Event group to signal WiFi connection status
static EventGroupHandle_t s_wifi_event_group;
const int WIFI_CONNECTED_BIT = BIT0;
const int WIFI_FAIL_BIT = BIT1;

// --- Configuration ---
// Replace with your actual WPA3 network SSID and password
#define EXAMPLE_ESP_WIFI_SSID      "YOUR_WPA3_SSID"
#define EXAMPLE_ESP_WIFI_PASS      "YOUR_WPA3_PASSWORD"

static void event_handler(void* arg, esp_event_base_t event_base,
                                int32_t event_id, void* event_data)
{
    if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
        ESP_LOGI(TAG, "WIFI_EVENT_STA_START: Station mode started, attempting to connect...");
        esp_wifi_connect();
    } else if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_DISCONNECTED) {
        wifi_event_sta_disconnected_t* disconnected_event = (wifi_event_sta_disconnected_t*) event_data;
        ESP_LOGW(TAG, "WIFI_EVENT_STA_DISCONNECTED: Disconnected from AP, reason: %d", disconnected_event->reason);
        // Common reasons:
        // WIFI_REASON_SAE_HANDSHAKE_FAILED (212) - Password mismatch or other SAE issue
        // WIFI_REASON_AUTH_EXPIRE (2)
        // WIFI_REASON_ASSOC_EXPIRE (3)
        // WIFI_REASON_HANDSHAKE_TIMEOUT (204)
        if (disconnected_event->reason == WIFI_REASON_SAE_HANDSHAKE_FAILED) {
            ESP_LOGE(TAG, "SAE handshake failed. Check password or AP WPA3 configuration.");
        } else if (disconnected_event->reason == WIFI_REASON_NO_AP_FOUND) {
             ESP_LOGE(TAG, "No AP found with the specified SSID.");
        } else {
            ESP_LOGI(TAG, "Attempting to reconnect...");
            esp_wifi_connect(); // Simple reconnect attempt
        }
        xEventGroupClearBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
        xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
    } else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
        ip_event_got_ip_t* event = (ip_event_got_ip_t*) event_data;
        ESP_LOGI(TAG, "IP_EVENT_STA_GOT_IP: Got IP address: " IPSTR, IP2STR(&event->ip_info.ip));
        xEventGroupClearBits(s_wifi_event_group, WIFI_FAIL_BIT);
        xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
    } else {
        ESP_LOGD(TAG, "Received unhandled event: base=%s, id=%ld", event_base, event_id);
    }
}

void wifi_init_sta_wpa3_sae(void)
{
    s_wifi_event_group = xEventGroupCreate();

    ESP_ERROR_CHECK(esp_netif_init());
    ESP_ERROR_CHECK(esp_event_loop_create_default());
    esp_netif_t *sta_netif = esp_netif_create_default_wifi_sta();
    assert(sta_netif);

    wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
    ESP_ERROR_CHECK(esp_wifi_init(&cfg));

    ESP_ERROR_CHECK(esp_event_handler_register(WIFI_EVENT, ESP_EVENT_ANY_ID, &event_handler, NULL));
    ESP_ERROR_CHECK(esp_event_handler_register(IP_EVENT, IP_EVENT_STA_GOT_IP, &event_handler, NULL));

    wifi_config_t wifi_config = {
        .sta = {
            .ssid = EXAMPLE_ESP_WIFI_SSID,
            .password = EXAMPLE_ESP_WIFI_PASS,
            // Set authmode to WPA3_PSK for WPA3-Personal (SAE)
            // Or WIFI_AUTH_WPA2_WPA3_PSK for WPA2/WPA3 mixed mode
            .threshold.authmode = WIFI_AUTH_WPA3_PSK,
            // PMF configuration
            // For WPA3, PMF is typically required by the AP.
            // Setting capable=true and required=true is recommended.
            .pmf_cfg = {
                .capable = true,
                .required = true 
            },
        },
    };
    
    // If your AP is in WPA2/WPA3 mixed mode, you might prefer WIFI_AUTH_WPA2_WPA3_PSK
    // wifi_config.sta.threshold.authmode = WIFI_AUTH_WPA2_WPA3_PSK;
    // If you know for sure the AP is WPA3-only, WIFI_AUTH_WPA3_PSK is more specific.

    ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA));
    ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config));
    ESP_LOGI(TAG, "Starting WiFi in STA mode for WPA3-SAE connection...");
    ESP_ERROR_CHECK(esp_wifi_start());

    ESP_LOGI(TAG, "wifi_init_sta_wpa3_sae finished.");
    ESP_LOGI(TAG, "Waiting for connection to SSID: %s", EXAMPLE_ESP_WIFI_SSID);
}

void app_main(void)
{
    // Initialize NVS
    esp_err_t ret = nvs_flash_init();
    if (ret == ESP_ERR_NVS_NO_FREE_PAGES || ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
      ESP_ERROR_CHECK(nvs_flash_erase());
      ret = nvs_flash_init();
    }
    ESP_ERROR_CHECK(ret);

    ESP_LOGI(TAG, "ESP32 WPA3-SAE Example");
    wifi_init_sta_wpa3_sae();

    // Wait for connection or failure
    EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
                                           WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
                                           pdFALSE, // Don't clear on exit
                                           pdFALSE, // Wait for EITHER bit
                                           portMAX_DELAY); // Wait indefinitely

    if (bits & WIFI_CONNECTED_BIT) {
        ESP_LOGI(TAG, "Successfully connected to AP (WPA3-SAE)!");
    } else if (bits & WIFI_FAIL_BIT) {
        ESP_LOGE(TAG, "Failed to connect to AP (WPA3-SAE). Check logs for reason.");
    } else {
        ESP_LOGE(TAG, "Unexpected event from xEventGroupWaitBits.");
    }
    
    // Main task can do other things or just idle
    while(1) {
        vTaskDelay(pdMS_TO_TICKS(60000));
    }
}

3. Build, Flash, and Observe:

  • Build: Use idf.py build or the VS Code build button.
  • Flash: Use idf.py -p (YOUR_PORT) flash or the VS Code flash button.
  • Monitor: Use idf.py -p (YOUR_PORT) monitor or the VS Code monitor button.

Observe the serial output. You should see the ESP32 attempting to connect. If successful, it will log the IP address. If it fails, pay attention to the disconnect reason code. WIFI_REASON_SAE_HANDSHAKE_FAILED (212) is a common indicator of password mismatch or other SAE negotiation issues.

Tip: If your AP is in WPA2/WPA3 mixed mode, using wifi_config.sta.threshold.authmode = WIFI_AUTH_WPA2_WPA3_PSK; can be more robust as it allows the ESP32 to negotiate either WPA3 or WPA2. If you set WIFI_AUTH_WPA3_PSK and the AP only offers WPA2 at that moment (or vice-versa due to configuration), the connection might fail.

Example 2: Notes on WPA3-Enterprise

Connecting to a WPA3-Enterprise network from an ESP32 largely follows the same principles as connecting to a WPA2-Enterprise network (covered in Chapter 42). The key differences lie in the AP and RADIUS server configurations and the ESP32’s PMF settings.

  • EAP Methods: The same EAP methods (EAP-TLS, EAP-PEAP, EAP-TTLS) are used. Your ESP32 configuration for identity, username/password (for PEAP/TTLS), and certificates (for TLS/PEAP/TTLS server validation) will be identical to the WPA2-Enterprise setup.
  • ESP-IDF Configuration:
    • Ensure CONFIG_ESP_WIFI_WPA2_ENT_SUPPORT is enabled in menuconfig.
    • The wifi_auth_mode_t in wifi_config_t would still typically be WIFI_AUTH_WPA2_ENTERPRISE. The WiFi stack, when communicating with a WPA3-Enterprise AP, will negotiate the appropriate WPA3 parameters.
    • Crucially, PMF must be enabled and usually required:wifi_config.sta.pmf_cfg.capable = true; wifi_config.sta.pmf_cfg.required = true;
  • AP and RADIUS Server: The Access Point and RADIUS server must be explicitly configured to support WPA3-Enterprise. This includes enabling PMF and potentially supporting the 192-bit security mode if required.
  • 192-bit Security Mode: If your network uses the WPA3-Enterprise 192-bit security mode, ensure your chosen EAP method and the certificates/ciphers used by the ESP32 and RADIUS server are compliant with these higher strength requirements. ESP-IDF’s support for specific 192-bit ciphers depends on the underlying mbedTLS configuration and hardware crypto support.

In essence, for WPA3-Enterprise from the ESP32’s perspective, you configure it like WPA2-Enterprise but ensure PMF is strictly enforced. The AP handles the distinction of it being a WPA3-Enterprise network.

Variant Notes

WPA3 support (both WPA3-Personal SAE and WPA3-Enterprise capabilities) is generally available on ESP32 variants that have WiFi and sufficient processing power for the enhanced cryptographic operations.

  • Supported Variants:
    • ESP32: Full support.
    • ESP32-S2: Full support.
    • ESP32-S3: Full support.
    • ESP32-C3: Full support.
    • ESP32-C6: Full support.
  • ESP-IDF Version: WPA3 support, particularly for SAE, has matured over ESP-IDF versions. Using ESP-IDF v4.2 or later is recommended for robust WPA3 functionality, with v5.x being the target for this book.
  • Hardware Acceleration: Most ESP32 variants include hardware acceleration for cryptographic operations (like AES and SHA), which benefits WPA3 performance. The specifics of acceleration for elliptic curve operations used in SAE might vary slightly but are generally handled efficiently.
  • Resource Usage: WPA3, especially SAE, can be slightly more computationally intensive than WPA2 during the initial handshake. This might lead to a marginally longer connection time but is usually not a significant issue for typical applications.
  • ESP32-H2: Does not support WiFi and therefore does not support WPA3.

Always ensure your ESP-IDF is up-to-date and check the menuconfig options related to WPA3 for your specific ESP-IDF version and target chip.

Common Mistakes & Troubleshooting Tips

Mistake / Issue Symptom(s) Troubleshooting / Solution
AP Not Properly Configured for WPA3 ESP32 fails to connect. Logs might show WIFI_REASON_NO_AP_FOUND (if SSID is WPA3-only and ESP32 tries WPA2), or SAE handshake failures. Fix: Verify AP settings. Ensure it’s explicitly set to WPA3-Personal (SAE), WPA2/WPA3-Personal mixed mode, or WPA3-Enterprise. Test AP with another WPA3 device (e.g., modern phone). Update AP firmware.
ESP-IDF CONFIG_ESP_WIFI_ENABLE_WPA3_SAE Not Enabled For WPA3-Personal, connection fails. esp_wifi_set_config() might return an error if WIFI_AUTH_WPA3_PSK is used without this Kconfig. Fix: Ensure CONFIG_ESP_WIFI_ENABLE_WPA3_SAE is enabled in menuconfig (Component config -> Wi-Fi). Rebuild project.
Incorrect authmode in wifi_config_t Connection failure. E.g., using WIFI_AUTH_WPA2_PSK for a WPA3-only AP, or WIFI_AUTH_WPA3_PSK for a WPA2-only AP. Fix: Use WIFI_AUTH_WPA3_PSK for WPA3-SAE only networks. Use WIFI_AUTH_WPA2_WPA3_PSK for mixed-mode networks. Match ESP32’s authmode to the AP’s configuration.
Password Mismatch (SAE) SAE handshake fails. ESP32 logs show disconnect reason WIFI_REASON_SAE_HANDSHAKE_FAILED (often code 212). Fix: Triple-check the password for typos, case sensitivity, and special characters on both the ESP32 (wifi_config.sta.password) and the AP.
PMF Configuration Mismatch Connection fails, especially if AP requires PMF and ESP32 doesn’t offer it, or vice-versa (though WPA3 mandates PMF). Fix: For WPA3, PMF is generally mandatory. Set wifi_config.sta.pmf_cfg.capable = true; and .required = true; on the ESP32. Ensure AP’s PMF settings are compatible (usually “Required” or “Capable” for WPA3).
Old ESP-IDF Version or WiFi Driver Issues Unstable WPA3 connections, unexpected disconnects, or lack of WPA3 authmodes. Fix: Update to a recent stable ESP-IDF version (e.g., v5.x or latest stable v4.x). Check Espressif’s documentation/forums for known WPA3 issues for your chip/IDF version.
Transition Mode Ambiguity Device connects using WPA2-PSK instead of WPA3-SAE on a mixed-mode network, thus not getting WPA3 benefits. Fix: While WIFI_AUTH_WPA2_WPA3_PSK allows fallback, ensure AP prioritizes WPA3. Some APs might have settings for this. Monitor connection type if possible (AP logs or advanced client utilities). Forcing WIFI_AUTH_WPA3_PSK on ESP32 can test if AP truly offers WPA3 in mixed mode.

Exercises

  1. WPA3 Connection Mode Explorer:
    • Modify the WPA3-Personal example. Add logic to attempt connection using WIFI_AUTH_WPA3_PSK first. If it fails with a specific reason (e.g., WIFI_REASON_NO_AP_FOUND or WIFI_REASON_SAE_HANDSHAKE_FAILED after a timeout), then automatically retry the connection using WIFI_AUTH_WPA2_WPA3_PSK.
    • Log which authentication mode was successful or if both failed. This helps in environments where the AP mode isn’t precisely known.
  2. Enhanced WPA3 Disconnect Reason Analysis:
    • Expand the WIFI_EVENT_STA_DISCONNECTED handler in the WPA3 example.
    • Research and add more case statements for different reason codes relevant to WPA3/SAE failures (e.g., WIFI_REASON_SAE_INVALID_PMKID, WIFI_REASON_SAE_INVALID_H2E_PARAM, etc., if such distinct codes are exposed and documented for the IDF version).
    • Provide more descriptive error messages to the user based on these specific reasons.

Summary

  • WPA3 significantly enhances WiFi security over WPA2 by addressing key vulnerabilities.
  • WPA3-Personal uses Simultaneous Authentication of Equals (SAE), replacing PSK to prevent offline dictionary attacks and provide forward secrecy.
  • WPA3-Enterprise mandates Protected Management Frames (PMF) and offers an optional 192-bit security mode for higher security environments.
  • PMF (IEEE 802.11w) protects management frames from forgery and eavesdropping and is a core component of WPA3.
  • ESP-IDF supports WPA3-Personal (SAE) via WIFI_AUTH_WPA3_PSK and WIFI_AUTH_WPA2_WPA3_PSK authmodes, requiring CONFIG_ESP_WIFI_ENABLE_WPA3_SAE.
  • For WPA3-Enterprise, ESP32 configuration is similar to WPA2-Enterprise but with mandatory PMF.
  • Most modern ESP32 variants (ESP32, S2, S3, C3, C6) support WPA3.
  • Successful WPA3 deployment requires correct configuration on both the client (ESP32) and the Access Point.

Further Reading

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top