WPA2 is the most robust security configuration available today for WiFi networks. It is widely used to secure enterprise WLANs. Interestingly, it is also being used to secure guest, municipal and public WiFi networks. In this paper, we present a new vulnerability found in WPA2 protocol which can be exploited by a malicious user to attack and compromise legitimate users. We also present a few attack mitigation techniques which can be used to protect genuine WiFi users.
Md Sohail Ahmad is a wireless security researcher and currently works as a Manager Technology at AirTight Networks. He has over six years of experience of research and development in various wireless technologies such WiFi, Bluetooth, GSM, GPRS etc. He possesses strong background in secure driver development, protocol development, wireless network security and vulnerability assessment. He has discovered many security flaws and implementation vulnerabilities which has been presented in several international security events such as Defcon, Toorcon, Comsware etc. He holds an MTech in Computer Science from Indian Institute of Technology Roorkee, India.