A Practical, Targeted, and Stealthy Attack Against WPA Enterprise Authentication

Author(s): Aldo Cassola, William Robertson, Engin Kirda, Guevara Noubir

Download: Paper (PDF)

Date: 23 Apr 2013

Document Type: Presentations

Additional Documents: Slides

Associated Event: NDSS Symposium 2013

Abstract:

WPA2-Enterprise wireless networks rely on TLS to protect the underlying MSCHAPv2 authentication. Other layers of the authentication process however, from the physical to the user interface, introduce weaknesses that allow hard to detect Man-In-The-Middle attacks. We propose a novel attack, a prototype implementation, and the evaluation of its end-to-end efficacy using user experiments to demonstrate the need for new security measures across the software stack.