War Never Changes: Attacks Against WPA3’s “Enhanced Open” — Part 3: OWE Nearly Indistinguishable From Open Wireless In Terms of Risk

This research blog evaluates Opportunistic Wireless Encryption (OWE) and demonstrates that, while OWE provides encryption for unauthenticated networks, it does not provide a mechanism to validate access-point identity and therefore remains vulnerable to rogue access point (evil twin) attacks. The authors document lab procedures using hostapd, wpa_supplicant, Wireshark, and eaphammer to create OWE APs and a rogue OWE evil twin, and conclude that OWE is nearly indistinguishable from open Wi‑Fi in real-world risk because it fails to mitigate active attacks despite mandating Protected Management Frames (PMF).