How are encryption keys derived between NAS and Supplicant for 802.1x when using EAP as authentication method?

I’m wondering how key negotiation works for WPA2 Enterprise where a clear text protocol like EAP is used to authenticate the user. All the info I was able to find suggests that EAP is an inherently insecure authentication met…

What is stronger – WPA2 Enterprise with 2048 bit key, or Personal with 63 character passphrase?

Which of the two following has a stronger cryptographic strength in withstanding brute-force attacks?

WPA/WPA2 Enterprise using 2048-bit RSA public-key
WPA/WPA2 Personal using 63-character Passphrase


Is it possible for an 802.1x network (PEAP/MSCHAPv2) to have no certificate?

Is it possible for an 802.1x network (PEAP/MSCHAPv2) to have no certificate (CA, user, or otherwise)?

If so, what are the security implications?

The reason I ask is: I’m regularly connecting to a particular organization’s …