802.11 (and related) Standards
"802.11i is an amendment to the 802.11 standard specifying security mechanisms for wireless networks. The draft standard was ratified on 24 June 2004, and supersedes the previous security specification, Wired Equivalent Privacy (WEP), which was shown to have severe security weaknesses. Wi-Fi Protected Access (WPA) had previously been introduced by the Wi-Fi Alliance as an intermediate solution to WEP insecurities. WPA implemented a subset of 802.11i. The Wi-Fi Alliance refers to their approved, interoperable implementation of the full 802.11i as WPA2. 802.11i makes use of the Advanced Encryption Standard (AES) block cipher. WEP and WPA use the RC4 stream cipher." -Wikipedia.
Static WEP (Wired Equivalent Privacy) provides simple authentication and encryption based on unchanging shared keys that are preconfigured on all access points and client machines.
WEP is now recognised as being wholly flawed; see the Fluhrer, Mantin and Shamir whitepaper:
Using tools such as Airsnort, WEP can be broken in under 30 minutes, or, if the WEP key is based on a dictionary word, in under a minute (utilising WepAttack), as long as at least one encrypted packet has been collected.
WEP is better than using no security at all, but only just!
WPA (Wi-Fi Protected Access) is a set of modifications and improvements to WEP.
WPA's improvements include:
- An improved Message Integrity Check (MIC), the Michael MIC, to reduce the likelihood of packets being tampered with in transit.
- An increase from 24 bits (used by WEP) to 48 bits for the Initialisation Vector (IV), making key reuse less likely.
- TKIP sequence numbers are introduced, reducing the likelihood of replay attacks.
- Whilst a static WEP key (master key) still needs to be entered on each device, this key is never utilised directly. The master key is combined with a client's MAC address and the 48 bit IV to produce the key that will encrypt the data. Thus each device utilises a different keystream to encrypt its data.
- WPA also provides the administrator with the ability to configure key change intervals (generally configured in seconds).
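As an added illustration (not code from the original page) of why the per-device key mixing above matters, the following Python contrasts WEP's per-packet RC4 key (the 24-bit IV simply prepended to the shared static key) with a per-station key mix in the spirit of WPA/TKIP. HMAC-SHA256 stands in for the real TKIP mixing function, and the master key and MAC addresses are constructed sample values.

```python
import hashlib
import hmac

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (KSA + PRGA), the stream cipher used by WEP and WPA/TKIP."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_keystream(master_key: bytes, iv: bytes, length: int) -> bytes:
    """WEP: per-packet RC4 key = 24-bit IV || shared static key (nothing per station)."""
    assert len(iv) == 3
    return rc4_keystream(iv + master_key, length)

def mixed_keystream(master_key: bytes, mac: bytes, iv: bytes, length: int) -> bytes:
    """Simplified stand-in for WPA/TKIP key mixing. Assumption: HMAC-SHA256 replaces
    the real TKIP mixing function; the point is that master key, station MAC and a
    48-bit IV all feed the per-packet key, so two stations never share a keystream."""
    assert len(iv) == 6 and len(mac) == 6
    return rc4_keystream(hmac.new(master_key, mac + iv, hashlib.sha256).digest()[:16], length)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream_reuse_check(master_key: bytes, mac_a: bytes, mac_b: bytes) -> dict:
    """Two stations share the master key and both happen to pick IV value 42.
    Reports whether their keystreams coincide under each scheme, and whether the XOR
    of the two WEP ciphertexts equals the XOR of the plaintexts (the reuse leak)."""
    pt_a, pt_b = b"station A frame payload", b"station B frame payload"  # constructed
    wep_a = wep_keystream(master_key, b"\x00\x00\x2a", len(pt_a))
    wep_b = wep_keystream(master_key, b"\x00\x00\x2a", len(pt_b))
    mix_a = mixed_keystream(master_key, mac_a, b"\x00" * 5 + b"\x2a", len(pt_a))
    mix_b = mixed_keystream(master_key, mac_b, b"\x00" * 5 + b"\x2a", len(pt_b))
    return {
        "wep_same_keystream": wep_a == wep_b,
        "wep_xor_leak": xor(xor(pt_a, wep_a), xor(pt_b, wep_b)) == xor(pt_a, pt_b),
        "mixed_same_keystream": mix_a == mix_b,
    }
```

With the 24-bit WEP IV the reuse shown here is guaranteed to occur after at most 2^24 frames on a busy network; the 48-bit IV plus per-station mixing is what WPA uses to push that out of reach.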
WPA offers a solid security solution for legacy hardware devices and, whilst its implementation will degrade the performance of a network (due to the data overhead required for the extra security mechanisms), it is the best alternative to WEP available until WPA2 enabled hardware can be made available.
"Although WPA2 has been released, WPA will continue to play a valuable role in meeting the security needs for both enterprise and consumer Wi-Fi users." -WIFI Alliance
WPA2 (Wi-Fi Protected Access 2) puts the industry two generations beyond WEP and is based on the final IEEE 802.11i amendment to the 802.11 standard. WPA2 provides government grade security by implementing the National Institute of Standards and Technology (NIST) FIPS 140-2 compliant AES encryption algorithm.
Personal and Enterprise versions of WPA2 are available. In the Personal mode of operation, a pre-shared key (password) is used for authentication, while in the Enterprise mode of operation, authentication is achieved via 802.1X and EAP. Personal mode requires only an access point and client device, while Enterprise mode typically requires a RADIUS or other authentication server on the network.
WPA2 is backwards compatible with WPA; the primary difference between WPA and WPA2 is the type of encryption used, RC4 and AES respectively.
802.1x, used together with the Extensible Authentication Protocol (EAP), is an IEEE standard for port based access control that is utilised to authenticate and authorise devices attached to a LAN (it does not encrypt non-authentication traffic). 802.1x is not unique to wireless networks and is used extensively in wired LAN configurations.
802.1x provides:
- User based identification (e.g. passwords, certificates).
- Machine based static WEP keys are no longer used for authentication.
- Mutual authentication between the client and the authentication server (except EAP-MD5).
- All non-802.1x traffic is filtered until the client has successfully authenticated to the network.
- Dynamic (aka Session) Key Management (except EAP-MD5).
EAP-MD5 is a password based authentication method. EAP-MD5 is not recommended for WLAN use due to the following:
- Only one way authentication is utilised (client authenticating
- The server challenge and the client's hashed response to the server challenge may be sniffed by an attacker.
- Dynamic Key Management is not available (e.g. after authentication the WLAN may revert to the use of static WEP keys).
- Susceptible to Man-in-the-Middle attacks.
LEAP is Cisco's proprietary Lightweight EAP protocol; it is solely password based (client and server). Improvements it offers over EAP-MD5 are mutual authentication and Dynamic Key Management. LEAP is susceptible to passive dictionary attacks (see Joshua
EAP-TLS is an authentication method based on the Secure Socket Layer (SSL) that is used for the majority of today's secure web transactions. EAP-TLS provides mutual authentication and Dynamic Key Management whilst suffering from none of the problems associated with
NOTE: EAP-TLS requires a Public Key Infrastructure (PKI) in place to manage both client and server certificates.
EAP-TTLS and Protected EAP (PEAP) are similar authentication mechanisms providing an extension to the EAP-TLS authentication scheme which eliminates the requirement for certificates on the client side, yet still provides mutual authentication.
The authentication process for both is as follows:
- The server still requires a certificate, and this is used to authenticate with the client and establish an encrypted tunnel.
- The client now securely authenticates to the server using whichever method is chosen, e.g. passwords or secure tokens; certificates may also still be used.
EAP-TTLS and PEAP are the most secure enterprise authentication schemes available today. Client certificate deployment and use, rather than passwords, would be the ideal solution, due to the standard issues of users choosing poor passwords and concerns over brute force attacks.
http://www.wi-fi.org/ -WIFI Alliance