Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Nathiya_M — Wed, 27 Aug 2025 13:10:57 GMT

Introduction:

The Wi-Fi Alliance introduced WPA3 in 2018 and it is a successor to WPA2. It was released to address the security limitations of WPA2, such as offline dictionary attacks and KRACK & Kraken attacks. Like WPA2, WPA3 also comes in two variants: Personal & Enterprise, but with significant improvements in authentication and encryption. This article focuses on the differences between WPA3-Personal and Transition Mode, illustrated with real-world packet captures.

Why WPA3 and Not WPA2:

Before we dive into the WPA3 modes, it is important to understand why WPA3 is needed and why WPA2 is no longer sufficient. The WPA2 security standard has been in use since 2004, and it is still widely used on many networks. As of now, not many devices support WPA3. In WPA2-Personal, security heavily depends on the strength of the passphrase. That passphrase is directly converted into a PMK which is then used in the 4-way handshake for key derivation. When weak passwords are used, WPA2 networks are vulnerable to KRACK and offline dictionary attacks. On the contrary, WPA3-Personal uses SAE (Simultaneous Authentication of Equals) to generate the PMK, which offers stronger resistance to offline dictionary attacks. The table below highlights the major improvements WPA3 introduces over WPA2.

WPA2 vs. WPA3:

Features	WPA2	WPA3
Encryption	AES-CCMP	GCMP-256 / AES-CCMP
Key Size	128-bit	128 & 192-bit for Enterprise
Authentication Types	PSK / Enterprise	SAE / Enterprise
PMF Support	Optional	Mandatory
Forward Secrecy	Not Supported	Supported
Security Level	High	Very High
Protection against Attacks	Susceptible to KRACK and offline dictionary attacks	Resistant to KRACK and offline dictionary attacks
Backward Compatibility	Support WPA-PSK	Support WPA2-PSK in Transition mode

WPA3 Types:

WPA3-Personal
WPA3-Enterprise

Types are further divided into:

WPA3:

SAE is the authentication type used in WPA3, but it is not new to wireless. It was first introduced in mesh networks (802.11s) to allow APs to discover and authenticate with each other simultaneously. SAE belongs to a family of protocols known as Password-Authenticated Key Exchanges (PAKEs), which let two devices prove they both know the same password without ever sending it across the air. To achieve this, WPA3 uses the Dragonfly handshake, a two-step process where the client and access point exchange special cryptographic values (commit and confirm messages). These values act like proofs that the password is correct, but without revealing the password itself. The result is a shared secret that is unique for every client–AP connection, which then becomes the basis for the Pairwise Master Key (PMK). This design not only blocks offline dictionary attacks but also ensures forward secrecy, so that even if the Wi-Fi password is stolen later, previously captured traffic remains secure. In addition to SAE, WPA3 makes Protected Management Frames (PMF) mandatory, blocking spoofed disassociation or deauthentication frames that plagued WPA2.

How is the PMK generated in WPA3-Personal mode?

For clarity, the explanation below is kept simple and focuses only on the essential steps. It is not intended to cover the full mathematics or cryptographic proof behind SAE and Dragonfly

Dragonfly Handshake - Steps:

1. Generating Private Values:

Both AP and client pick 2 random numbers. ‘r’ & ‘m’.
- ‘r’ - a private random value (acts like a private key)
- ‘m’ - a masking value to protect the private key
These values are not shared with anyone.

2. Creating PWE:

Passphrase is used as a seed to create PWE along with both device’s MAC addresses.
The PWE is mapped to a point on elliptic curve. This mapping uses a process called hunting and pecking, where the password, MAC addresses, and a counter are repeatedly hashed until a valid curve point is found.
SAE allows up to 40 attempts.
This “PWE” is unique for each client–AP pair.

3. Scalar:

A scalar is computed as:
- scalar = (r + m) mod q, where ‘q’ is the order of the elliptic curve group
The scalar will be sent as part of the commit frame.

4. Creating Public Key / Element:

Using a private value and PWE, both the devices create a public element.
- element = -m x PWE

5. Commit Phase:

Both the devices initiate the ECDH handshake by sending the calculated scalar and FFE (element).
No private key or actual passwords are revealed here.
Once both sides receive each other’s public value, they use it along with their own private scalar to compute a shared secret.

6. Confirm Phase:

Both the devices send the ‘confirm’ message once they derived the shared secret.
This works as a Zero-Knowledge Proof: each side proves knowledge of the password-derived secret without exposing the password itself.
The shared secrets are validated through mutual authentication, confirming that both parties have derived the same shared secret without ever transmitting the actual password

7. PMK Derivation:

Once both sides agree on the shared secret, a Key Derivation Function (KDF) expands it into the Pairwise Master Key (PMK).
From here, 4-way handshake process is same as WPA2-PSK. From the derived PMK, PTK and GTK keys are derived to protect user traffic.

PMK derivation in a flow chart:

Understanding the WPA3-Personal mode connection flow from packet capture:

I used ExtremeCloud IQ controller–AP [On-premise] for this testing. Wlan – SSID configuration from XIQ-C controller running on version 10.14.01

1. Packet # 1113 to 1173 – WPA3-Personal mode complete flow.

2. Beacon & Probe Response frames show the RSN Information of the BSS.

Supported “Group Suite,” “Pairwise Cipher Suite,” “Auth Key Management,” & “PMF Support” details.
Auth Key management—00-0F-AC:8 --> is indicating SAE is used.
Management frame Protection Required [MFPR] & Management frame Protection Capabilities [MFPC] --> True indicates PMF is mandatory

3. Authentication Frames 1 & 2 - Commit messages: Packets # 1148 & 1157

Authentication Frame 1 - Client to AP
Authentication Frame 2 – AP to client
- Which includes status code: Successful
- SAE type - Commit (1)
- Group ID: 19 - refer to cryptographic group used for ECDH (Elliptic Curve Diffie–Hellman)
- Scalar – masked Private value derived from r & m.
- FFE – Element - Public Key

4. Authentication Frames 3 & 4 – Confirm Messages: Packet # 1161 & 1162

Authentication frames 3 & 4 – Between client to AP and vice versa.
- Which includes, Status code: Successful
- SAE message type – Confirm (2)
- From client to AP: Send-Confirm 1
- From AP to Client: Send-Confirm 0
- Confirm: shows the Key Confirmation Token (KCK-derived MAC)

5. How to confirm in the capture that the PMK is generated:

After the successful PMK generation, it will lead to the 4-way key handshake with no error in the flow.

--------------------------------------------------------------------

WPA3-Personal Transition Mode:

WPA3 transition mode is used to provide support for mixed devices deployments to provide backward compatibility. As of now, not all the devices are capable of WPA3. For the customers who want security but also want to support WPA2 devices at the same time, the solution is to use the WPA3 transition mode. In Transition mode, PMF is optional, allowing WPA2 clients to connect.

Wlan SSID configuration for WPA3-Transition:

How to identify the difference between WPA3-personal and transition mode in the packet capture?

The BSS broadcasting the WPA3-transition mode will broadcast both the AKM suites. This information can be checked in the “Beacon” & “Probe Response” frame.
- The packet capture image above shows both the PSK & SAE AKM.
  - 00-0F-AC:2 --> is indicating PSK is used.
  - 00-0F-AC:8 --> is indicating SAE is used.
- PMF is optional.
  - Management frame Protection Required [MFPR] --> False
  - Management frame Protection Capabilities [MFPC] --> True (these values indicate PMF is optional).

2. The below image shows the connection flow from the WPA2 supported client connected to the WPA3 transition SSID but it is using AKM suite – PSK for connection but using same passphrase configured in the WPA3.

Unlike, 4 -Authentication frames in WPA3, this capture shows only 2.
The authentication algorithm is “Open System” and not "SAE".

How to check whether WPA3 is configured to use FT?

This option varies based on vendor. ExtremeCloud AP supports WPA3 SAE with FT. If the AP supports 802.11r, how to check the same in the packet capture?

As discussed before, in the “Beacon” and the “Probe Response” RSN Information “Auth Key Management” field will show 2 SAE types.
- Auth Key management—00-0F-AC:8 --> SAE is used.
- Auth Key management—00-0F-AC:9 --> FT using SAE is used.

What happens when non-WPA3 supported clients try to connect to the WPA3-personal mode:

Visual look:

When clicking WLAN icon, the WPA3 SSID will show with a “X” symbol and there will be no option given to ‘connect’. The message will show ‘can’t connect to this network’.

How to check for the wireless NIC WPA3 support in Windows laptop:

Use #netsh wlan show drivers to verify the list of supported AKM by the wireless NIC card.

WPA3 Strength & Weakness:

Category	Strengths	Weaknesses/Challenges
Authentication	SAE helps resist the offline dictionary & KRACK attacks & provides forward secrecy	Transition Mode allows the use of WPA2-PSK which reduces the security
Encryption	WPA3-Enterprise supports 192-bit CNSA suite (AES-GCMP-256, SHA-384, ECC)	Not all vendors/clients fully support advanced suites
Management Frame security	PMF mandatory protects against spoofed de-auth/disassociation attacks	Legacy clients without PMF cannot connect
Roaming / Mobility	Supports PMK caching and FT	Roaming behavior inconsistent across vendors; Observed, full SAE re-auth in WPA3-Personal at times.

Conclusion:

WPA3 strengthens Wi-Fi security by replacing PSK with SAE, enforcing Protected Management Frames, and introducing stronger encryption for both personal and enterprise deployments. While Transition Mode and inconsistent roaming remain challenges, WPA3 is a significant step forward. Organizations should plan phased migrations, retire WPA2 when possible, and adopt WPA3-only SSIDs to achieve the best balance of security and performance.

Reference:

[1]https://dl.aircrack-ng.org/wiki-files/doc/additional_papers/dragonblood.pdf

[2] https://www.wi-fi.org/system/files/WPA3%20Specification%20v3.4.pdf

[3] https://praneethwifi.in/2021/02/04/wpa3-authentication-part-1/?utm_source=chatgpt.com

[4] https://mrncciew.com/2019/11/29/wpa3-sae-mode/

[5] https://mrncciew.com/2019/11/29/wpa3-sae-transition-mode/

[6] https://wlan1nde.wordpress.com/2018/09/14/wpa3-improving-your-wlan-security/

[7] https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

[8] https://arubanetworking.hpe.com/techdocs/aos/wifi-design-deploy/security/modes/wpa3-personal/?utm_source=chatgpt.com

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Jamesatwell — Sat, 01 Nov 2025 14:24:59 GMT

The article provides an insightful breakdown of how WPA3-Personal enhances Wi-Fi security by addressing the long-standing vulnerabilities of WPA2. Through real-world packet captures, it becomes clear how WPA3’s SAE authentication method offers stronger protection against offline attacks and password weaknesses, especially when compared to the transitional mode used for backward compatibility. For anyone interested in exploring real-world network behavior and encryption in action, consider using reliable tools and staying informed through tech-focused resources. And if you enjoy deep-dive content like this, you might also want to install the Movie Box app to conveniently stream educational tech documentaries and tutorials.

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Johnpyatt — Tue, 16 Dec 2025 08:31:38 GMT

The article offers a clear explanation of how WPA3-Personal improves Wi-Fi security by fixing WPA2's long-standing flaws. When compared to the transitional mode employed for backward compatibility, it is evident from real-world packet captures that WPA3's SAE authentication technique provides better defense against offline attacks and password vulnerabilities. Anyone interested in learning about encryption and real-world network activity should think about using trustworthy tools and keeping up with tech-related sites. Additionally, you might want to install Bilibili to easily access instructional tech documentaries and lessons if you prefer in-depth stuff like this.

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Johnpyatt — Thu, 01 Jan 2026 06:43:48 GMT

The article provides a detailed description of how WPA3-Personal addresses the long-standing shortcomings of WPA2 to enhance Wi-Fi security. Real-world packet captures show that WPA3's SAE authentication approach offers superior protection against offline attacks and password vulnerabilities when compared to the transitional mode used for backward compatibility. Anyone who wants to learn about encryption and actual network activity should consider using reliable tools and staying up to date with tech-related websites. If you like in-depth content like this, you might also want to install Cineby gd so you can quickly access educational tech documentaries and lessons.

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

markwoo1122 — Wed, 28 Jan 2026 09:02:13 GMT

This is a very well-written and detailed explanation of WPA3-Personal and Transition Mode. I really like how the packet captures clearly show the differences between SAE and PSK, especially for people who troubleshoot Wi-Fi security in real environments. Articles like this make it much easier to understand why WPA3 matters today. Just like with secure networks, when users look for things such as an Inat TV download , it’s always important to rely on trusted sources and understand the underlying security to stay protected.

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

goojarato — Sat, 31 Jan 2026 15:21:27 GMT

This is a really solid and well-structured breakdown of why WPA3 was necessary and how it meaningfully improves on WPA2. I especially like how the article moves beyond surface-level comparisons and clearly explains why SAE and the Dragonfly handshake matter in real-world security, not just on paper. The step-by-step Website PMK generation section makes an otherwise complex cryptographic process much easier to grasp, even for readers who aren’t deep into wireless security.

topic Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures in General Discussion

Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Introduction:

Why WPA3 and Not WPA2:

WPA2 vs. WPA3:

WPA3 Types:

Types are further divided into:

WPA3:

How is the PMK generated in WPA3-Personal mode?

Dragonfly Handshake - Steps:

1. Generating Private Values:

2. Creating PWE:

3. Scalar:

4. Creating Public Key / Element:

5. Commit Phase:

6. Confirm Phase:

7. PMK Derivation:

PMK derivation in a flow chart:

Understanding the WPA3-Personal mode connection flow from packet capture:

WPA3-Personal Transition Mode:

How to identify the difference between WPA3-personal and transition mode in the packet capture?

How to check whether WPA3 is configured to use FT?

What happens when non-WPA3 supported clients try to connect to the WPA3-personal mode:

Visual look:

How to check for the wireless NIC WPA3 support in Windows laptop:

WPA3 Strength & Weakness:

Conclusion:

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures

Re: Understanding WPA3-Personal and Transition Mode Through Real-World Packet Captures