What Is OWE? What Problems Does OWE Solve?

Risks of Traditional Open Wi-Fi Networks

Nowadays, public Wi-Fi networks are available in various public venues, such as airports, stations, hotels, and stadiums. Most of these Wi-Fi networks adopt the open authentication mode to allow for user access anytime anywhere, without entering the password. Such open Wi-Fi networks, however, are vulnerable to unauthorized access of attackers. Additionally, as data exchanged between STAs and Wi-Fi networks is transparent and unencrypted, attackers may listen on the data transmission process and intercept user data.

Enhanced Open Wi-Fi Networks Using OWE Authentication

In 2018, the Wi-Fi Alliance released WPA3 — the next-generation Wi-Fi encryption protocol — to resolve the insecure data transmission issue caused by open authentication on Wi-Fi networks. WPA3 provides the Enhanced Open network authentication mode — OWE authentication — based on open system authentication.

OWE authentication makes Wi-Fi network access as convenient as that in open authentication mode, allowing users to access the Wi-Fi network without entering the password. In OWE authentication mode, a STA and an AP perform a Diffie-Hellman key exchange to encrypt data transmitted between the STA and Wi-Fi network, thereby protecting user data security.

Open Authentication Process

When an AP uses open authentication, it allows all authentication requests from STAs. The following figure illustrates the specific authentication process.

Open authentication process

1. Authentication Request: The STA sends an Authentication Request to the AP.

2. Authentication Response: The AP uses open authentication that allows all authentication requests and therefore returns the success authentication result to the STA.