Double-encryption As with all stream ciphers, the operation of encryption is the same as the operation of decryption with the same key. If the adversary wants a certain packet decrypted, he can: Join the network (authentication spoofing) Use a second Internet connection to send the packet to his laptop over the wireless network The base station will encrypt this packet a second time If the adversary times things just right, so that the base station uses the same IV both times it encrypted the packet, the second encryption will decrypt the packet This timing is not so hard, if your base station is using sequential IV's The adversary then just reads the decrypted packet off the air