TLS and MD5 with hostapd
sam at errno.com
Mon Feb 9 11:24:14 EST 2004
On Monday 09 February 2004 08:10 am, Brian Beattie wrote:
> On Mon, 2004-02-09 at 01:41, Jim Thompson wrote:
> > No, you don't want to use EAP/MD5 for 802.11.
> > Jim
> And Jim knows everything, juts ask him.
> So Jim, would you care to enlighten us as to why Brade does not want to
> use EAP/MD5? or should we just take your word for it?
A quick google search found several papers that explained how+why EAP-MD5 is
prone to attacks in a shared-channel environment. In fact folks are trying
to get it removed from 802.1i1i.
More information about the HostAP