[Cryptography] Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

grarpamp grarpamp at gmail.com
Wed Nov 1 19:10:16 EDT 2017


> server uses its own certificate authority to
> lessen the potential for a MITM attack.

Many mixup rogue CA with MITM.
Private CA rarely mitigates either since
a) full stock of public roots usually still installed and active
b) fingerprints / certs still rarely pinned down
c) possible MITM's exist at many layers

> proper use of a shared static secret key.

Wrapping / initializing things with PSK's is different situation,
though only if exchanged out of band, and such auth / psk
modes are hard enabled.


More information about the cryptography mailing list