What can cause speed degradation on some mobile clients when operating in mixed mode 'WPA2+WPA3'?

Speed degradation may occur when using a mixed 'WPA2+WPA3' type of encryption with some mobile devices (both old and not so). It is due to the feature of the Wi-Fi module, which is installed in the client device. For example, we've noticed such speed degradation on smartphones with Broadcom BCM4339 Wi-Fi module (used in ASUS ZenFone2, Google Nexus 5, Samsung Galaxy Note III, etc.).

Keenetic routers support the IEEE 802.11w standard from the IEEE 802.11 family of Protected Management Frames (PMF) standards. This functionality enhances security by ensuring data privacy within management frames.

TIP: Note: Keenetic models support hardware or mixed hardware/software encryption of control frames (depending on the model).

Full PMF hardware support (for all frame types) is used in the models:
- mt7613: Speedster (KN-3010), Carrier (KN-1711), Buddy 5 (KN-3310), Buddy 5S (KN-3410), Skipper 4G (KN-2910);
- mt7615: Hero (KN-1010), Skipper (KN-1910), Hero 4G (KN-2310), Giant (KN-2610), Hero DSL (KN-2410), Orbiter Pro (KN-2810), Titan (KN-1810), Titan DSL (KN-2510), Peak (KN-2710);
- mt7622: Peak (KN-2710), Titan (KN-1811);
- mt7915: Hero (KN-1011), Voyager Pro (KN-3510), Hero 4G+ (KN-2311).

Mixed hardware/software PMF support (hardware support for unicast frames, software support for group frames) is used in the models:
- mt7628: Runner 4G (KN-2210/2211), Carrier (KN-1711/1713), Buddy 5 (KN-3310);
- mt7603: Buddy 5S (KN-3410), Speedster (KN-3010), Skipper 4G (KN-2910);

In the mixed-mode 'WPA2+WPA3', Keenetic automatically indicates PMF Capable compatible mode rather than mandatory PMF Required. But when PMF is enabled, the client device can switch to software packet encryption, and the speed in both directions will be reduced by about 2.5 times. Some Wi-Fi modules in mobile devices do not support the collaboration of software control frame encryption with hardware packet encryption. And when PMF is used, these clients switch to software packet encryption, which causes speed reduction.  

WPA2+WPA3 mixed-mode encryption may limit the wireless network operation. For maximum compatibility, use WPA2 network protection. Enable WPA2+WPA3 mode only when you are sure that all devices on your home network are correctly working in this mode.

Was this article helpful?

42 out of 45 found this helpful