Can attacker eavesdrop on the user credentials during WPA2 (802.1X) handshake?

hexHujer

1/13/24, 2:19 PM

In a WPA2 (802.1X) scenario, there are 3 entities -> Supplicant (client), Authenticator (router) and Authentication server (Radius server). Radius server performs the authentication process and, as far as I understand, in the authentication process, the router works only as a proxy.

If an attacker is able to sniff the communication between the client and the router during WPA2 (802.1X) handshake, can he observe the client's credentials?

Or does the client somehow (e.g. using some sort of Diffie Hellman algorithm or using Radius server certificate returned to the client by the router) encrypt the credentials?

Or does it depend on the specific configuration? What conditions would have to be met in order for the attacker to successfully intercept the user credentials?

Thank you

0 + 0

encoding

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Can attacker eavesdrop on the user credentials during WPA2 (802.1X) handshake?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.