Wi-Fi Enhanced Open

Wi-Fi Enhanced Open is a protocol for encrypting Wi-Fi sessions that occur over public networks. Introduced in 2018, Enhanced Open somewhat improves security for users on open public Wi-Fi networks. Its design is similar to opportunistic wireless encryption (OWE) and encrypts the connection between user device and network from end to end. Enhanced Open requires a Diffie-Hellman encryption key exchange, which is a method for securely exchanging cryptographic keys over a public channel. After the key exchange is successful, the networks perform a four-way handshake before finalizing and enabling an encrypted connection.

In the past, eavesdroppers would linger around public Wi-Fi sessions  to spy on the data exchanged. Because Enhanced Open encrypts the data, would-be trespassers cannot interpret it. Devices must have an advanced operating system version to support Enhanced Open. Android requires the HAL interface design language 1.2 to run the feature, and Android 10 and newer is needed to support Enhanced Open.

Weakness of OWE

Because Wi-Fi Enhanced Open is based on Opportunistic Wireless Encryption, it runs into the same problems. Though OWE encrypts sessions between a user and a Wi-Fi network, it doesn’t run an authentication process for either party. This makes a network connection susceptible to an evil twin attack, in which a malicious party renames their device to masquerade as a Wi-Fi network. When a user connects to this false network, the data is at risk. Though the Wi-Fi Alliance claims that Enhanced Open encrypts an open Wi-Fi network connection and is better than an entirely unencrypted network, it acknowledges that neither user nor network is verified. Even with Enhanced Open, using an open public Wi-Fi network carries risk.

Webopedia Staff
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.

Related Articles

@ Sign

Pronounced at sign or simply as at, this symbol is used in e-mail addressing to separate the user' name from the user's domain name,...

Munging

(MUHN-jing) Munging (address munging), is the act of altering an email address posted on a Web page to make it unreadable to bots and...

How to Create an RSS Feed

In the second installment of RSS how-to, we look at some of the nonrequired (optional) channel and item tags, discuss RSS specifications in-depth and...

Dictionary Attack

(n.) (1) A method used to break security systems, specifically password-based security systems, in which the attacker systematically tests all possible passwords beginning with...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...