Jason, Your subject mentions WPA2-enterprise, and the body of your text mentions PSK.
If you move your infrastructure to WPA2-PSK, yes if someone watches the 4 way handshake they can get the key between AP and device for all people on the WPA2-PSK network. With WPA2-enterprise it is more complicated since each user has a key per session and you can also change the rekeying interval. There are some papers out there showing that they can crack WPA2-enterprise but it seems like a lot of work Philippe Philippe Hanset www.eduroam.us<http://www.eduroam.us> On Apr 18, 2013, at 4:22 PM, "Becker, Jason" <[email protected]<mailto:[email protected]>> wrote: We planned to move to a psk ssid but have heard that it is possible to decrypt this traffic if you have the key and watch the 4 way handshake to get the key between the ap and device. Has anyone run into this or been able to do this? ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
