Network Working Group; Request for Comments; Category: Standards Track. B. Aboba (Microsoft), L. Blunk (Merit Network, Inc), J. Vollbrecht.

This document defines the Extensible Authentication Protocol (EAP), an authentication framework which supports multiple authentication methods. EAP typically.


In EAP, there is no provision for retries of failed authentication. It cannot be assumed that the contents of a Notification Request or Response are available to another method.

EAP may be used on dedicated links, as well as switched circuits, and wired as well as wireless links. For example, upon failure of authentication, some PPP implementations do not terminate the link, instead limiting traffic in Network-Layer Protocols to a filtered subset, which in turn allows the peer the opportunity to update secrets or send mail to the network administrator indicating a problem. A host receiving an EAP packet may only do one of three things with it. Depending on the lower layer, EAP methods may run before or after ciphersuite negotiation, so that the selected ciphersuite may not be known to the EAP method.



The Request has a Type field to indicate what is being requested. This list of security claims is not exhaustive. In practice, this implies that the AAA protocol spoken between the authenticator and the authentication server MUST support per-packet authentication, integrity, and replay protection.

Therefore, a mechanism needs to be provided to transmit the AAA-Key from the authentication server to the authenticator that needs it.

That is, knowledge of one substring MUST NOT help in recovering some other substring without breaking some hard cryptographic assumption. For example, the EAP server may not be aware of an authorization decision made by a AAA proxy; the AAA server may check authorization only after authentication has completed successfully, to discover that authorization cannot be granted, or the AAA server may grant access but the authenticator may be unable to provide it due to a temporary lack of resources.


This may be intentional in the case of identity privacy. Packet modification attacks: while EAP methods may support per-packet data origin authentication, integrity, and replay protection, that protection is not provided within the EAP layer itself.

Extensible Authentication Protocol

Result indications: a method provides result indications if, after the method's last message is sent and received, the outcome is known to the parties.

Dictionary attack resistance: where password authentication is used, passwords are commonly selected from a small set (as compared to a set of N-bit keys), which raises a concern about dictionary attacks. An authenticated peer may be denied access due to lack of authorization. EAP is not a wire protocol; instead it only defines message formats.
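The dictionary-attack concern above, worked through for the password method EAP itself defines, MD5-Challenge (RFC 3748 Section 5.4, which reuses the CHAP algorithm of RFC 1994 and makes no dictionary-attack-resistance claim). This is an added example, not code from the RFC or from any EAP implementation; the password, the peer name and the candidate list are constructed for the demonstration.

```python
"""EAP MD5-Challenge (RFC 3748 Section 5.4) and the offline dictionary attack
an eavesdropper can mount against it. Added example; constants follow the RFC,
the exchange helpers and sample data are illustrative."""
import hashlib
import secrets
from typing import Iterable, Optional, Tuple


def md5_challenge_type_data(value: bytes, name: bytes = b"") -> bytes:
    """Type-Data layout shared by Request and Response: Value-Size | Value | Name."""
    if not 1 <= len(value) <= 255:
        raise ValueError("Value-Size is one octet and must be non-zero")
    return bytes([len(value)]) + value + name


def parse_md5_challenge(type_data: bytes) -> Tuple[bytes, bytes]:
    """Split Type-Data into (value, name); reject a Value-Size that overruns the data."""
    if not type_data:
        raise ValueError("empty MD5-Challenge Type-Data")
    size = type_data[0]
    if size == 0 or len(type_data) < 1 + size:
        raise ValueError("Value-Size inconsistent with Type-Data length")
    return type_data[1:1 + size], type_data[1 + size:]


def md5_response_value(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP response value: MD5(Identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def server_challenge(name: bytes = b"server") -> Tuple[bytes, bytes]:
    """Server side: a fresh random challenge per Request defeats replay, nothing more.
    Returns (challenge, Request Type-Data)."""
    challenge = secrets.token_bytes(16)
    return challenge, md5_challenge_type_data(challenge, name)


def peer_answer(identifier: int, request_type_data: bytes,
                secret: bytes, name: bytes) -> bytes:
    """Peer side: hash the password with the server's challenge; never sends the password."""
    challenge, _ = parse_md5_challenge(request_type_data)
    return md5_challenge_type_data(md5_response_value(identifier, secret, challenge), name)


def server_verify(identifier: int, challenge: bytes,
                  response_type_data: bytes, secret: bytes) -> bool:
    """Server side: recompute the expected value and compare in constant time."""
    value, _ = parse_md5_challenge(response_type_data)
    return secrets.compare_digest(value, md5_response_value(identifier, secret, challenge))


def dictionary_attack(identifier: int, request_type_data: bytes,
                      response_type_data: bytes,
                      candidates: Iterable[bytes]) -> Optional[bytes]:
    """What a passive eavesdropper holding both packets can do: try candidate
    passwords offline until one reproduces the observed Value. No further
    contact with the server is needed, so lockouts and rate limits never fire."""
    challenge, _ = parse_md5_challenge(request_type_data)
    observed, _ = parse_md5_challenge(response_type_data)
    for pw in candidates:
        if md5_response_value(identifier, pw, challenge) == observed:
            return pw
    return None
```

The random challenge stops an attacker from replaying a captured Response, but it does nothing against this attack: everything needed to test a guess is on the wire, which is exactly why the RFC's security claims framework lists dictionary attack resistance separately from replay protection.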

For example, sending a certificate chain ten times the size of the EAP MTU requires ten round-trips. EAP-TLS is still considered one of the most secure EAP standards available, although TLS provides strong security only as long as the user understands potential warnings about false credentials; it is universally supported by all manufacturers of wireless LAN hardware and software.

Such "tunneled" methods appear as a single authentication method to EAP. Since EAP supports retransmission, it is robust against transient connectivity losses.


When a backend authentication server is used, it typically executes EAP methods for the authenticator. Use of cleartext passwords would allow the password to be captured by an attacker with access to a link over which EAP packets are transmitted.

Silently Discard: the implementation discards the packet without further processing. However, a pass-through authenticator will not be aware that the peer has accepted the credentials offered by the EAP server unless this information is provided to the authenticator via the AAA protocol.
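The packet handling described on this page (the Code, Identifier and Length header, the Type octet that says what a Request is asking for, the cases the RFC says to silently discard, and the peer's three options of acting on a packet, Nak-ing a method it does not implement, or dropping it), as an added Python example. It is not code from the RFC or from any EAP implementation; the handler dictionary and the identity string in the usage are assumptions for the demonstration.

```python
"""EAP packet parsing and peer dispatch per RFC 3748 Sections 4 and 5.
Added example; the Code and Type constants follow the RFC, the rest is illustrative."""
import struct
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Code values (RFC 3748 Section 4)
CODE_REQUEST, CODE_RESPONSE, CODE_SUCCESS, CODE_FAILURE = 1, 2, 3, 4
# Type values (Section 5); 1-3 are the ones every implementation handles
TYPE_IDENTITY, TYPE_NOTIFICATION, TYPE_NAK, TYPE_MD5_CHALLENGE = 1, 2, 3, 4

HEADER = struct.Struct("!BBH")  # Code, Identifier, Length; network byte order


@dataclass(frozen=True)
class EapPacket:
    code: int
    identifier: int
    type: Optional[int]   # None for Success/Failure, which carry no Type
    type_data: bytes


def parse_eap(buf: bytes) -> Optional[EapPacket]:
    """Parse one EAP packet; return None wherever RFC 3748 says 'silently discard'.

    Discard rules applied: packet shorter than the 4-octet header; Length
    larger than the octets actually received; Code outside 1-4; Request or
    Response without a Type octet; Success/Failure carrying data; Nak (Type 3)
    anywhere but a Response. Octets past Length are data-link padding and
    are ignored rather than treated as an error.
    """
    if len(buf) < HEADER.size:
        return None
    code, identifier, length = HEADER.unpack_from(buf)
    if length < HEADER.size or length > len(buf):
        return None
    body = buf[HEADER.size:length]        # padding beyond Length dropped here
    if code in (CODE_SUCCESS, CODE_FAILURE):
        return None if body else EapPacket(code, identifier, None, b"")
    if code not in (CODE_REQUEST, CODE_RESPONSE) or not body:
        return None
    eap_type, type_data = body[0], bytes(body[1:])
    if eap_type == TYPE_NAK and code != CODE_RESPONSE:
        return None
    return EapPacket(code, identifier, eap_type, type_data)


def build_eap(code: int, identifier: int, eap_type: Optional[int] = None,
              type_data: bytes = b"") -> bytes:
    """Serialize a packet; Length covers header, Type and Type-Data."""
    if code in (CODE_SUCCESS, CODE_FAILURE):
        body = b""
    elif eap_type is None:
        raise ValueError("Request/Response packets need a Type")
    else:
        body = bytes([eap_type]) + type_data
    return HEADER.pack(code, identifier, HEADER.size + len(body)) + body


# A method handler turns the Request's Type-Data into the Response's Type-Data.
MethodHandler = Callable[[bytes], bytes]


def peer_respond(req: EapPacket, identity: bytes,
                 handlers: Dict[int, MethodHandler]) -> Optional[bytes]:
    """Peer side. Returns the Response bytes, or None when the packet is dropped.
    The Response always echoes the Request's Identifier so the authenticator
    can match it against its outstanding (possibly retransmitted) Request."""
    if req.code != CODE_REQUEST:
        return None                       # peers act on Requests only
    if req.type == TYPE_IDENTITY:         # Type says: tell me who you are
        return build_eap(CODE_RESPONSE, req.identifier, TYPE_IDENTITY, identity)
    if req.type == TYPE_NOTIFICATION:     # display the text, acknowledge with empty Response
        return build_eap(CODE_RESPONSE, req.identifier, TYPE_NOTIFICATION)
    handler = handlers.get(req.type)
    if handler is not None:               # a method we implement: act on it
        return build_eap(CODE_RESPONSE, req.identifier, req.type, handler(req.type_data))
    # Legacy Nak (Section 5.3.1): list the Types we would accept; a single 0 if none
    return build_eap(CODE_RESPONSE, req.identifier, TYPE_NAK, bytes(sorted(handlers)) or b"\x00")
```

Note that `parse_eap` returns None for every discard case rather than raising, so a caller cannot accidentally turn a malformed packet into an error message on the wire; the RFC's "silently" is the whole point.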


Therefore, it is possible to omit the Identity exchange entirely, or to use a method-specific identity exchange once a protected channel has been established. In these situations, use of EAP methods with fewer round-trips is advisable.

In media such as IEEE

In particular, this definition allows that the adversary has knowledge of all nonces sent in cleartext, as well as all predictable counter values used in the protocol.

RFC – Extensible Authentication Protocol (EAP)

The client can, but does not have to, be authenticated to the server via a CA-signed PKI certificate. The alternative is to use device passwords instead, but then the device is validated on the network, not the user. This allows the attacker to successfully establish itself as a man-in-the-middle, gaining access to the network as well as the ability to decrypt data traffic between the legitimate peer and server.

The specification of the AAA-Key derivation, transport, and wrapping mechanisms is outside the scope of this document. Therefore, unless a host implements an EAP peer layer, these packets will be silently discarded.

There have also been proposals to use IEEE

Although it is difficult to define what "comparable effort" and "typical block cipher" exactly mean, reasonable approximations are sufficient here.

Within a mutually authenticating method, requiring that the server authenticate to the peer before the peer will accept a Success packet prevents an attacker from acting as a rogue authenticator.
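The peer-side rule just stated, as an added Python example that is not code from the RFC or from any EAP implementation. It gates acceptance of a Success on the running method having both finished and authenticated the server, checks that Success and Failure carry the Identifier of the Response they answer (RFC 3748 Section 4.2), and makes the result terminal, since EAP has no provision for retrying a failed authentication. The state-machine shape and method names are assumptions for the demonstration.

```python
"""Peer-side gating of EAP Success and Failure packets. Added example; the
Code values follow RFC 3748, the PeerState class is illustrative."""
from enum import Enum, auto
from typing import Optional

CODE_REQUEST, CODE_RESPONSE, CODE_SUCCESS, CODE_FAILURE = 1, 2, 3, 4


class Outcome(Enum):
    DISCARD = auto()        # packet silently dropped, state unchanged
    AUTHENTICATED = auto()
    FAILED = auto()


class PeerState:
    """What the EAP layer on the peer needs to know from the running method."""

    def __init__(self) -> None:
        self.server_authenticated = False   # set once the method verified the server
        self.method_done = False            # method's last message sent and received
        self.last_identifier: Optional[int] = None   # Identifier of our latest Response
        self.outcome: Optional[Outcome] = None       # terminal once set

    def method_progress(self, identifier: int, *,
                        server_authenticated: bool = False, done: bool = False) -> None:
        """Called by the EAP method each time it answers a Request."""
        self.last_identifier = identifier
        self.server_authenticated |= server_authenticated
        self.method_done |= done

    def on_packet(self, code: int, identifier: int) -> Outcome:
        """Dispose of a Success/Failure packet. Requests are the method's business."""
        if self.outcome is not None:
            return Outcome.DISCARD            # conversation is over; no retries in EAP
        if code not in (CODE_SUCCESS, CODE_FAILURE):
            return Outcome.DISCARD
        if identifier != self.last_identifier:
            return Outcome.DISCARD            # does not answer our outstanding Response
        if code == CODE_FAILURE:
            self.outcome = Outcome.FAILED
            return self.outcome
        # A Success from a party that never proved itself is exactly what a
        # rogue authenticator would inject: treat it as noise.
        if not (self.method_done and self.server_authenticated):
            return Outcome.DISCARD
        self.outcome = Outcome.AUTHENTICATED
        return self.outcome
```

The same gate is what makes the "protected result indication" claim meaningful: an unprotected Success arriving before the method has authenticated the server tells the peer nothing it can trust, so the only safe disposition is to drop it.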

This is distinct from the ciphersuite negotiated between the peer and authenticator, used to protect data.