eap-10----Page:7
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
Problem Conditions Dual role man-in-the-middle attacker (rogue authenticator + rogue supplicant) Credential and authentication method re-use with and without tunnels Use of one-way server authenticated tunnel Use of tunnel session keys alone and no inner method session keys All conditions have to be true for the attack |