When using a mixed 'WPA2+WPA3' type of encryption with some mobile devices (both old and not so), speed degradation may occur. It is due to the feature of the Wi-Fi module, which is installed in the client device. For example, we've noticed such speed degradation on smartphones with Broadcom BCM4339 Wi-Fi module (used in ASUS ZenFone2, Google Nexus 5, Samsung Galaxy Note III, etc.).
Keenetic routers support the IEEE 802.11w standard from the IEEE 802.11 family of Protected Management Frames (PMF) standards. This functionality enhances security by ensuring data privacy within management frames. The Keenetic models (with a KN-XXXX index) support hardware packet encryption and hardware/software management frame encryption (depending on the model). Fully hardware encryption is used in Hero (KN-1010), Titan (KN-1810), and Skipper (KN-1910) models.
In the mixed-mode 'WPA2+WPA3', Keenetic automatically indicates PMF Capable compatible mode rather than mandatory PMF Required. But when PMF is enabled, the client device can switch to software packet encryption, and the speed in both directions will be reduced by about 2.5 times. Some Wi-Fi modules in mobile devices do not support the collaboration of software control frame encryption with hardware packet encryption. And when PMF is used, these clients switch to software packet encryption, which causes speed reduction.
WPA2+WPA3 mixed-mode encryption may limit the wireless network operation. For maximum compatibility, use WPA2 network protection. Enable WPA2+WPA3 mode only when you are sure that all devices on your home network are correctly working in this mode.