What risk is associated with shared key authentication in WLANs?

Shared key authentication in WLANs carries a specific risk: the challenge text, which is part of the authentication process, is sent in clear text. In this method of authentication, a challenge is issued by the access point, and the device must respond with an encrypted response that uses a shared key. However, since the challenge itself is not secure and is transmitted unencrypted, it can be intercepted by a malicious actor. This exposure allows an attacker to easily capture the challenge text, which is a crucial part of the authentication process. Once they have the challenge and the response, they can use this information to potentially crack the shared key, posing a significant security threat.

The other options reflect aspects of wireless security but do not represent the primary risk inherent in shared key authentication. The visibility of the SSID, for example, relates more to the discoverability of the network rather than a vulnerability in the authentication method itself. Additionally, while some authentication methods do not require passwords, this does not specifically characterize the issue with shared key authentication. Lastly, while it is true that encryption keys can be subject to brute-force attacks, this risk is more broadly applicable to many types of encryption, rather than being a unique risk associated solely with shared key authentication.