>
> I don't know, if it is truly only a ten line change to a common WPA2
> driver to read, intercept and alter practically any traffic on the
> network even in enterprise mode, that would seem like a serious issue
> to me. Setting up the enterprise mode stuff to work is a lot of time
> and effort. If it provides essentially no security over WPA2 in shared
> key mode, one wonders what the point of doing that work is. This
> doesn't seem like a mere engineering compromise.
If I understand the problem correctly, it doesn't strike me as particularly
serious. Fundamentally, it's a way for people in the same enterprise and on
the same LAN to see each other's traffic. A simple ARP-spoofing attack will do
the same thing; no crypto needed. Yes, that's a more active attack, and in
theory is somewhat more noticeable. In practice, I suspect the actual risk is
about the same.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
