Profile: Margaret Rouse
|The problem arises when you have duplicate IV values. If an attacker knows the content of one of the packets he has the IV for, he can use the collision to extract the contents of the other packet. In other words, an attacker can decrypt data without ever knowing the password. Assuming an attacker can collect enough known IV-data matches, they can comprise the entire network.
Seth Fogie, WPA Part 2: Weak IV’s