Canonical URL: ; File formats: Plain Text PDF Discuss this RFC: Send questions or comments to [email protected] This document defines the Extensible Authentication Protocol (EAP), an authentication framework which supports multiple authentication methods. EAP typically. Network Working Group B. Aboba Request for Comments: Microsoft Obsoletes: L. Blunk Category: Standards Track Merit Network, Inc J. Vollbrecht.

Author: Kazijar Yoll
Country: Kosovo
Language: English (Spanish)
Genre: Environment
Published (Last): 28 May 2006
Pages: 83
PDF File Size: 14.88 Mb
ePub File Size: 10.35 Mb
ISBN: 681-8-42287-791-7
Downloads: 84502
Price: Free* [*Free Regsitration Required]
Uploader: Zulkihn

This may not always be the case. It also strays from the previous PPP authentication model of negotiating a specific authentication mechanism during LCP. If a server were to authenticate the peer and send a Success packet prior to determining whether the peer has authenticated the authenticator, an idle timeout can occur if the authenticator is not authenticated by the peer.

Lower layers such as IEEE Applicability EAP was designed for use in network access authentication, where IP layer connectivity may not be available. Since EAP does not require IP connectivity, it provides just enough support for the reliable transport of authentication protocols, and no more.

The term authenticator is used in [ IEEE Some EAP methods may support asymmetric authentication, with one type of credential being required for the peer and another type for the authenticator. Rather than requiring the authenticator to be updated to support each new authentication method, EAP permits the use of a backend authentication server, which may implement some or all authentication methods, with the authenticator acting as a pass-through for some or all methods and peers.

This would allow for situations much like HTTPS, where a wireless hotspot allows free access and does not authenticate station clients but station clients wish to use encryption IEEE It can use an existing and widely deployed authentication protocol and infrastructure, incorporating legacy password mechanisms and authentication databases, while the secure tunnel provides protection from eavesdropping and man-in-the-middle attack.

RFC – Extensible Authentication Protocol (EAP) Method Requirements for Wireless LANs

Result indications A method provides result indications if after the method’s last message is sent and received: Since EAP supports retransmission, it is robust against transient connectivity losses. This can be done by enabling users to configure which ciphersuites are acceptable as a matter of security policy, or the ciphersuite negotiation MAY be authenticated using keying material derived from the EAP authentication and a MIC algorithm agreed upon letf advance by lower-layer peers.


Were a sequence of EAP authentication methods to be permitted, the peer might not have proof that a single entity has acted as the authenticator for all EAP methods within the sequence.

This greatly simplifies the setup procedure since a certificate is not needed on every client.

Extensible Authentication Protocol

Method-specific MICs rf be used to provide protection. Where supported by the lower layer, an authenticator sensing the absence of the peer can free resources.

Alternatively, the authentication conversation can continue until the authenticator determines that successful authentication has occurred, in which case the authenticator MUST transmit an EAP Success Code 3. To protect against data modification, spoofing, or snooping, it is recommended that EAP methods supporting mutual authentication and key derivation as defined by Section 7.

This may be intentional in the case of identity privacy. Where EAP is used in pass-through mode, the EAP peer typically does not verify the identity of the pass-through authenticator, it only verifies that the pass-through authenticator is trusted by the EAP server.

Use of the EMSK is reserved. EAP authentication is initiated by the server authenticatorwhereas many authentication protocols are initiated by the client peer. This creates a potential security vulnerability.

It is more likely that the physical theft of a smart card would be noticed and the smart card immediately revoked than rtc typical password theft would be noticed. Breaking a cryptographic assumption would typically require inverting a one-way function or predicting the outcome of a cryptographic pseudo-random number generator rcc knowledge of the secret state.

As noted in Section 2. For example, upon failure of authentication, some PPP implementations do not terminate the link, instead limiting rfv in Network-Layer Protocols to a filtered subset, which in turn allows the peer the opportunity to update secrets or send mail to the network administrator indicating a problem. Peer-to-Peer Operation Since EAP is a peer-to-peer protocol, an independent and simultaneous authentication may take place in the reverse direction depending on the capabilities of the lower layer.


Security claims summaries have been added for authentication methods. Fragmentation This refers to whether an EAP method supports fragmentation and reassembly. This may enable an authenticator to impersonate another authenticator or communicate incorrect information via out- of-band mechanisms such as via a AAA or lower layer protocol. The MSK is at least 64 octets in length. Aboba Request for Comments: Terminology This document frequently uses the following terms: Since the Identifier is only a single octet, it is easy to guess, allowing irtf attacker to successfully inject or replay EAP packets.

Nak Type 3 or Expanded Nak Type are utilized oetf the purposes of method negotiation.

In such an implementation both EAP peer and authenticator layers will be present. This list of security claims is not exhaustive.

Cryptographic Separation Two keys x and y are “cryptographically separate” if an adversary that knows all messages exchanged in the protocol cannot compute x from y or y from x without “breaking” some cryptographic assumption. In EAP there is no provision for retries of failed authentication. It was co-developed by Funk Software and Certicom and is widely supported across platforms.

Where the requirement is meant to apply to either the authenticator or backend authentication server, depending on where the EAP authentication is terminated, oetf term “EAP server” will be used. Protected ciphersuite negotiation This refers to the ability of an EAP method to negotiate the ciphersuite used to protect the EAP conversation, as well as to integrity protect the negotiation.

This implies that even if The password may be a low-entropy one and may be letf from some set of possible passwords, like a dictionary, which is available to an attacker. From Wikipedia, the free encyclopedia.