Revision as of 15:33, 14 November 2013 edit 12.163.145.67 (talk) Undid revision 581461011 by 82.153.98.74 (talk) ← Previous edit		Revision as of 21:21, 14 November 2013 edit undo 64.128.208.115 (talk) No edit summary Next edit →
Line 36: As with other 802.1X and EAP types, dynamic encryption can be used with PEAP. A CA certificate must be used at each client to authenticate the server to each client before the client submits authentication credentials. If the CA certificate is not validated, in general it is trivial to introduce a fake Wireless Access Point which then allows gathering [[MS-CHAPv2]] of handshakes <ref name="Man-in-the-Middle in Tunneled Authentication Protocols">{{~~Citation~~cite ~~needed~~web\|~~date~~title=Man-in-the-Middle in Tunneled Authentication Protocols\|url=http://eprint.iacr.org/2002/163.pdf\|publisher=Nokia Research Center\|accessdate=14 November 2013}}</ref>. On recent hardware those handshakes can be cracked quickly. == PEAPv1 with EAP-GTC ==

Protected Extensible Authentication Protocol: Difference between revisions