Yet another type of downgrade attack works by jamming and forging messages in the Dragonfly handshake in a way that indicates an access point doesn’t support elliptic curves that are cryptographically strong. The hack can force the access point to use of a different curve, presumably one that’s weaker.

Read full article on Technology Lab – Ars Technica