nerdexam
EC-Council

312-50V11 · Question #983

Which wireless security protocol replaces the personal pre-shared key (PSK) authentication with Simultaneous Authentication of Equals (SAE) and is therefore resistant to offline dictionary attacks?

The correct answer is A. WPA3-Personal. WPA3-Personal replaces the traditional pre-shared key handshake with Simultaneous Authentication of Equals (SAE), which provides resistance to offline dictionary attacks by never transmitting a verifiable password hash.

Hacking Wireless Networks

Question

Which wireless security protocol replaces the personal pre-shared key (PSK) authentication with Simultaneous Authentication of Equals (SAE) and is therefore resistant to offline dictionary attacks?

Options

  • AWPA3-Personal
  • BWPA2-Enterprise
  • CBluetooth
  • DZigBee

How the community answered

(28 responses)
  • A
    93% (26)
  • B
    4% (1)
  • C
    4% (1)

Why each option

WPA3-Personal replaces the traditional pre-shared key handshake with Simultaneous Authentication of Equals (SAE), which provides resistance to offline dictionary attacks by never transmitting a verifiable password hash.

AWPA3-PersonalCorrect

WPA3-Personal uses SAE (defined in IEEE 802.11-2016 as a Dragonfly-based handshake) in place of the WPA2-Personal PSK 4-way handshake. SAE is a zero-knowledge proof protocol where both parties prove knowledge of the password without transmitting anything that can be captured and brute-forced offline. This property - called forward secrecy - means even if an attacker records the handshake, they cannot perform an offline dictionary attack against it, which was a known weakness of WPA2-Personal.

BWPA2-Enterprise

WPA2-Enterprise uses 802.1X with a RADIUS authentication server and EAP methods rather than PSK or SAE, and it does not replace PSK with SAE.

CBluetooth

Bluetooth is a short-range wireless personal area network protocol entirely unrelated to the Wi-Fi (IEEE 802.11) security standard family that includes WPA2 and WPA3.

DZigBee

ZigBee is a low-power mesh networking protocol designed for IoT devices and operates on IEEE 802.15.4, making it unrelated to Wi-Fi authentication protocols like WPA3.

Concept tested: WPA3-Personal SAE authentication and offline attack resistance

Source: https://www.wi-fi.org/discover-wi-fi/security

Topics

#WPA3-Personal#SAE authentication#PSK replacement#offline dictionary attacks

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice