by law_of_poe 5288 days ago
Not much math necessary for the explanation. Follow the link jaylevitt posted:

When the PIN authentication fails the access point will send an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that an attacker is able to determine if the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum for the PIN. This design greatly reduces the number of attempts needed to brute force the PIN. The number of attempts goes from 10^8 to 10^4 + 10^3 which is 11,000 attempts in total.

1 comments

I followed that link before I posted. I was unable to determine what 10^4 and 10^3 represented and the link did not explain it in a way for me to understand. Obtu was able to explain it to me.
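
An added example, not part of either comment or of the linked advisory: an in-process model of the counting argument, showing where the 10^4 (four-digit first half) and 10^3 (three free digits of the second half, the fourth being the check digit) come from. `SplitVerifier`, `make_pin` and `guesses_needed` are hypothetical names, and the verifier is a stand-in that only mimics "first half confirmed separately"; it contains no WPS protocol code.

```python
def wps_checksum(body7: int) -> int:
    """Check digit for the first 7 PIN digits (weights 3,1,3,1,3,1,3 from the left)."""
    digits = f"{body7:07d}"
    accum = sum(int(d) * (3 if i % 2 == 0 else 1) for i, d in enumerate(digits))
    return (10 - accum % 10) % 10


def make_pin(first4: int, next3: int) -> str:
    """Build an 8-digit PIN: 4-digit first half, 3 free digits, 1 check digit."""
    body = first4 * 1000 + next3
    return f"{body:07d}{wps_checksum(body)}"


class SplitVerifier:
    """Hypothetical verifier whose failure response reveals which half was wrong."""

    def __init__(self, pin: str):
        self.pin = pin
        self.attempts = 0

    def check(self, guess: str) -> str:
        self.attempts += 1
        if guess[:4] != self.pin[:4]:
            return "first_half_wrong"
        if guess[4:] != self.pin[4:]:
            return "second_half_wrong"
        return "ok"


def guesses_needed(pin: str) -> int:
    """Count attempts when each half can be confirmed independently."""
    verifier = SplitVerifier(pin)
    # Phase 1: at most 10^4 tries, because the response confirms the first half alone.
    for first4 in range(10**4):
        result = verifier.check(make_pin(first4, 0))
        if result != "first_half_wrong":
            break
    if result == "ok":
        return verifier.attempts
    # Phase 2: at most 10^3 tries, because the 8th digit is derived, not guessed.
    for next3 in range(10**3):
        if verifier.check(make_pin(first4, next3)) == "ok":
            return verifier.attempts
    raise ValueError("PIN does not carry a valid check digit")


# Constructed worst case: both halves are the last values tried.
WORST_CASE = guesses_needed(make_pin(9999, 999))
```

Without the per-half response, the same model would need up to 10^7 checksum-valid guesses, which is why a verifier that reports only overall success or failure does not have this weakness.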