On Fri, Oct 30, 2015 at 08:58:02PM +0530, Neelansh Mittal wrote: > Could any one please let me know why 80211s uses SAE instead of the 4 > way handshake? It is not really using SAE instead of the 4-way handshake; SAE is used to derive a PMK that can be used in the next step. > Couldn't they used the already existing WPA2 handshake to check if > both the parties have the correct PMK (and thereby authenticating each > other). If there was no concern about the security of low-entropy passwords, yes, something like that could have been done, but SAE makes the design stronger from security view point for cases where the passwords used to protect the network are not exactly strong (which is likely to be a common case). The 4-way handshake is not exactly ideal for use cases where the PMK is not of sufficient entropy (e.g., anything based on human generated passwords could be subject to offline dictionary attacks). -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap