reply to Jasu
Re: WPA2 Security
quote:If you read the statement which I quoted you would know the quoted statement is incorrect. Let me quote it again.
Yes it is. Passphrase is used to calculate PMK which is used to calculate PTK ...
quote:It is not used to encrypt anything. It is used to derive keys but it is not used to encrypt. The derived keys are used to encrypt. Same as virtually all other schemes which use a password or passphrase. Good security practices includes not using a user entered password/passphrase as a key. Unlike WEP, people who understand security and security practices were involved in developing WPA/WPA2.
I think the passphrase is also used to encrypt the traffic