EAP methods for wireless networks
(无线网络EAP认证方法, "EAP authentication methods for wireless networks")
Presenter: 曾萍萍 (Zeng Pingping)   Advisor: 张永平 (Zhang Yongping)
2007/9/12

Outline
▪ Introduction
▪ EAP Requirements
▪ Methods
▪ Possible attacks on EAP
▪ Mobility issues
▪ RFID
▪ WiMAX
▪ Conclusions

Introduction (1/2)
EAP (Extensible Authentication Protocol)
▪ Situated in the wireless setting: validates the identity of the user or device attempting to access a network. Various EAP methods are available for use in the variety of wireless networks.
▪ The EAP definition in 802.1X does not specify an exact method, algorithm or procedure for the authentication but rather specifies a framework into which a particular method can be plugged.
▪ AAA (authentication, authorization and accounting) server
▪ RADIUS (remote authentication dial-in user service)

Introduction (2/2)
WLAN (Wireless LAN)
▪ Authentication and authorization
  ▪ WEP: shared secret; drawback: the key is usually static
  ▪ WPA (802.11i): personal mode uses a shared key; enterprise mode uses an authentication server
▪ Data protection
  ▪ WEP: RC4
  ▪ WPA (802.11i): TKIP (Temporal Key Integrity Protocol)

WLAN (Wireless LAN)
▪ 802.11 (a, b, g)
▪ The base of authentication methods:
  ▪ Pre-shared key: home office, small office
  ▪ Password based security: enterprises
  ▪ Certificate based security: enterprises

EAP Requirements
▪ Mandatory requirements: generation of symmetric keying material; mutual authentication support; self-protecting; synchronization of state; resistance to dictionary attacks; protection against man-in-the-middle attacks; protected cipher suite negotiation
▪ Recommended requirements: fragmentation; end-user identity hiding
▪ Optional requirements: channel binding; fast reconnect
▪ Enterprise-specific requirements
▪ Also noted: sessions stay secure even if a single session is attacked; protection against denial of service attacks

Methods
▪ Certificate based methods: EAP-TLS, EAP-TTLS, EAP PEAP
▪ Password based methods: LEAP, SPEKE
▪ EAP SIM, EAP AKA
▪ Legacy based methods: EAP-MD5

Methods (Legacy based methods)
EAP-MD5
▪ Username and password; MD5 message hashing algorithm
▪ Very simple EAP method
▪ No key change mechanism; cannot fulfill the requirement for symmetric keying material
▪ Authentication is open to man-in-the-middle attacks; it is not a secure EAP method
▪ Exchange: Client -> AP -> RADIUS; the client sends (Username, password) and the proof is MD5(Username, password)

Methods (Certificate based methods)
EAP-TLS (Transport Level Security)
▪ Public key certificate
▪ Mutual authentication, key exchange and establishment
▪ Supports fragmentation, reassembly, and fast reconnect
▪ Each entity being authenticated (client, AP)
▪ Strong authentication and very secure
▪ More costly; requires a public key infrastructure
▪ Exchange: Client [certificate] <-> AP <-> RADIUS [certificate]; PKI (key, data)

Methods (Certificate based methods)
EAP-TTLS (Tunneled Transport Level Security)
▪ Mutual authentication; establishes a secure tunnel
▪ Public key algorithm and certificate; through the secured tunnel, a less secure authentication method can be used
▪ … a master session key; uses the public key computation to add its strength
▪ Gains the security of public key encryption methods without the expense and complexity of deploying certificates

EAP PEAP (Protected EAP)
▪ Similar to TTLS
▪ Message authentication, key exchange
▪ Supports fragmentation, reassembly, and fast reconnect
▪ Only authenticators require certificates
▪ Developed by Microsoft and Cisco, but each of them supports differing implementations of the method
▪ Exchange: Client <-> AP <-> RADIUS; PEAP initial negotiation sets up a TLS session (certificate), then a secure tunnel for legacy authentication and key generation

Methods (Password based methods)
▪ Dictionary attacks, if the challenge and response are not carried through an encrypted tunnel
▪ Require longer message exchanges
▪ Unable to authenticate user
▪ Advantages: low cost and ease of use; a password is easier to remember than a cryptic key; less complexity; a strong password policy is suggested

Methods (Password based methods)
SPEKE (Simple Password Exponential Key Exchange)

Methods
EAP SIM
▪ … rather than a key or password
▪ Not session-independent: the same SIM card would be reused for all sessions by a user or device

Methods
EAP-AKA (Authentication and Key Agreement)
▪ Developed by 3GPP
▪ Replaces SIM on GSM with USIM on UMTS
▪ Stronger level of security than EAP-SIM
▪ Use of permanent keys for mutual authentication
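The tunneled methods (EAP-TTLS, PEAP) only protect the inner password exchange from dictionary attacks if the client actually verifies the server's certificate before sending the inner credentials. The following wpa_supplicant.conf fragment is an added example, not from the original slides: the first network block omits the CA check (the tunnel can be terminated by any server presenting a certificate), the second pins the CA and the expected server name. The SSID, identity, file path and domain are placeholder values.

```conf
# Added example (not from the original slides). Placeholder values throughout.

# WEAK: no ca_cert, so the client accepts any server certificate and the
# inner MSCHAPv2 challenge/response is exposed to whoever terminates the TLS tunnel.
network={
    ssid="corp-wlan"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    password="example-password"
    phase2="auth=MSCHAPV2"
}

# CORRECTED: the server certificate must chain to the pinned CA and carry the
# expected name, so the "less secure" inner method really is tunneled to the
# intended RADIUS server only.
network={
    ssid="corp-wlan"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    password="example-password"
    ca_cert="/etc/wpa_supplicant/corp-radius-ca.pem"
    domain_suffix_match="radius.example.com"
    phase2="auth=MSCHAPV2"
}
```

The same two directives (ca_cert, domain_suffix_match) apply unchanged to eap=TTLS; on the infrastructure side, the matching check is that the RADIUS server rejects inner authentication outside the tunnel.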