CmpE 209
EAP Overview Report
Extensible Authentication Protocol (EAP) Overview
Introduction:
Extensible Authentication Protocol (EAP) is basically an authentication framework
which was designed to extend support to the Point to Point Protocol (PPP). The frequent
use of EAP has been in Wireless LAN (Local Area Network) and Point to Point
Connections. Although there have been some instances of the usage of this protocol in
wired LAN connections. Conceptually the EAP is designed to be a part of the
Authentication protocol of the PPP in such a way that it provides a platform for many
authentication methods. The EAP provides platform for about 40 such authentication
methods. Thus EAP is more of a framework compared to a specific method. [1] [2]
In Link Control Phase of PPP, the EAP does not select a specific authentication method
rather pushing this part till the Authentication Phase. This permits more information to be
collected by the authenticating point (authenticator) before it settles down on a particular
method of authentication. Also this nullifies the usage of the “back-end” server which
implements the specific method, bypassing the authenticator through the authentication
exchange. [3]
Thus, after a successful Link Establishment phase, the authenticator will request the peer
to be authenticated. The sent Request will have a type field indicating what is wanted.
Example: MD5-challenge, Identity, Generic Token Card, One-Time Passwords, etc.
Normally, the authenticator would initially give out an Identity Request followed more
requests for authentication of the information. But this initial Identity Request is not
compulsory and may be skipped wherein identity could be presumed i.e. in case of
dedicated dial-ups, leased lines, etc. The peer should then reply by giving out a response
packet for each request. Similar to the Request packet, the Response packet also contains
type field which corresponding to the type of Request. The authentication phase ends
with the authenticator giving out a success or failure packet.
8
16
32bit
Variable
Type
Length
Authentication-Protocol
Data
The Authentication-Protocol Configuration Option format to negotiate the EAP
Authentication Protocol is shown above:



Type - 3
Length - 4
Authentication-Protocol - C227 (Hex) for PPP Extensible Authentication Protocol
(EAP) [3]
Team Golmaal
Page 1
2/17/2016
CmpE 209
EAP Overview Report
Types of EAP Methods:
(1) LEAP
•
•
•
•
•
•
•
Lightweight Extensible Authentication Protocol also known as CiscoWireless EAP
Proprietary wireless LAN authentication method developed by Cisco
Systems.
Provides username/password-based authentication between a wireless
client and a RADIUS server like Cisco ACS or Interlink AAA
Among a few protocols used with the IEEE 802.1X standard for LAN port
access control.
Gets key for per-user, per-session.
Wired Equivalent Privacy (WEP) encryption is an enhancement to
IEEE802.11b
For both the Access Point (AP) and the user it uses mutual authentication.
Apart from this there are some limitations of LEAP too:
•
•
•
Uses a modified authentication protocol version of MS-CHAP in which
user credentials is not strongly protected.
Can be susceptible to eavesdropping.
For more robust implementations use of cryptography is necessary for
securing user credentials
Cisco’s response to this threat has been:
–
–
Force users to have stronger, more complicated passwords
Switch to alternative protocol developed by Cisco (EAP-FAST)
for more security.
[1] [6] [7] [8] [9] [10]
Team Golmaal
Page 2
2/17/2016
CmpE 209
EAP Overview Report
(2) EAP-TLS
•
•
•
•
•
•
•
•
•
•
An Internet Engineering Task Force (IETF) standard (RFC 2716) that is
based on the TLS protocol (RFC 2246)
Considered extension to SSL
Uses digital certificates for both user and server authentication
It uses PKI to secure communication to the RADIUS authentication server
EAP-TLS is the original standard wireless LAN EAP authentication
protocol
Supported by most operating systems and network appliances.
Extends EAP-TLS
Securely tunnels Client authentication within TLS records
TTLS requires only server-side certificates but in EAP TLS more
certificates are used
These certificates are used for one-way TLS authentication (network to
user), and once you have a nice, safe, encrypted and integrity-checked
channel, you can use EAP inside of the TLS tunnel for any other
authentication [1] [5]
(3) EAP-MD5
•
One of the simplest EAP types that can be used. Uses MD5 hashing.
•
EAP-MD5 offers no key management or dynamic key generation,
requiring the use of static WEP keys
Okay for wired LANs, offers minimal security in wireless
Vulnerable to dictionary attacks, and does not support mutual
authentication or key generation
Unsuitable with dynamic WEP, or WPA/WPA2 enterprise [1] [6]
•
•
•
(4) Protected Extensible Authentication Protocol (PEAP)
•
•
•
•
•
•
•
It is a method to securely transmit authentication information, including
passwords, over wired or wireless networks
Uses a digital certificate only for server authentication
Already it has been widely accepted and provides good security to a
variety of products.
Very similar to TTLS but differs in requirement of only a server-side PKI
certificate to create a secure TLS tunnel to protect user authentication.
A TLS tunnel is established, and another EAP session takes place inside
For user authentication, PEAP supports various EAP-encapsulated
methods within a protected TLS tunnel
As of May of 2005, there were two PEAP sub-types certified for the
updated WPA and WPA2 standard. They are:
Team Golmaal
Page 3
2/17/2016
CmpE 209
EAP Overview Report
•
•
•
PEAP sub-types
PEAPv0/EAP-MSCHAPv2
PEAPv1/EAP-GTC [1] [4] [5] [6]
(5) Other EAP Subtypes
•
EAP-PSK: pure symmetric-key EAP
•
EAP-IKEv2: EAP authentication method based on the Internet Key
Exchange Protocol version 2 (IKEv2)
•
EAP-FAST: Flexible Authentication via Secure Tunneling (it is a
proposal by Cisco Systems to fix the weaknesses of LEAP)
•
EAP-SIM: Used for authentication and session key distribution using the
Global System for Mobile Communications (GSM) Subscriber Identity
Module (SIM)
EAP-AKA: It is for UMTS Authentication and Key Agreement is used for
authentication and session key distribution using the Universal Mobile
Telecommunications System (UMTS) [1]
•
Team Golmaal
Page 4
2/17/2016
CmpE 209
EAP Overview Report
Comparison Chart:
EAP-MD5
LEAP
EAP-TLS
EAP-TTLS
PEAP
Server
Authentication
None
Password
Hash
Public Key
(Certificate)
Public Key
(Certificate)
Public Key
(Certificate)
Supplicant
Authentication
Password
Hash
Password
Hash
Public Key
(Certificate or
Smart Card)
CHAP, PAP,
MSCHAP(v2),
EAP
Any EAP,
like EAPMSCHAPv2 or
Public Key
Dynamic Key
Delivery
No
Yes
Yes
Yes
Yes
Identity
exposed,
Dictionary
attack, Manin-the-Middle
(MitM)
attack,
Session
hijacking
Identity
exposed,
Dictionary
attack
Identity
exposed
MitM attack
MitM
attack;
Identity
hidden in
Phase 2 but
potential
exposure in
Phase 1
Security Risks
[4] [5] [6]
Team Golmaal
Page 5
2/17/2016
CmpE 209
EAP Overview Report
References:
1.
2.
3.
4.
5.
6.
http://en.wikipedia.org/wiki/Extensible_Authentication_Protocol
http://www.networkworld.com/details/490.html
http://www.javvin.com/protocolEAP.html
http://www.wifiplanet.com/tutorials/article.php/3075481
http://wireless.utk.edu/documentation/papers/802.1x-chris.pdf
http://www.cisco.com/en/US/netsol/ns339/ns395/ns176/ns178/networking_solutio
ns_white_paper09186a008009c8b3.shtml
7. http://asleap.sourceforge.net/
8. http://searchnetworking.techtarget.com/originalContent/0,289142,sid7_gci843996
,00.html
9. http://www.cisco.com/warp/public/cc/so/cuso/epso/sqfr/safwl_wp.htm
10. http://www.cisco.com/warp/public/784/packet/exclusive/apr02.html
Team Golmaal
Page 6
2/17/2016