An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages.
What is the attack performed in the above scenario?
The scenario described involves an attacker forcing a user to connect to a rogue access point that only supports WPA2, despite the victim and the legitimate access point being compatible with more secure WPA3 encryption. By doing this, the attacker downgrades the security from WPA3 to WPA2, making it easier to intercept and crack the encrypted messages. This type of attack is known as a downgrade security attack, where a stronger security protocol is forced to downgrade to a weaker one for exploitation.
C. Downgrade security attack
C. CEH page 2510
CEHv12 2510
C. Downgrade security attack