4th International ICST Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness

Research Article

Where EAP Security Claims Fail

  • @INPROCEEDINGS{10.1145/1577222.1577285,
        author={Katrin Hoeper and Lidong Chen},
        title={Where EAP Security Claims Fail},
        proceedings={4th International ICST Conference on Heterogeneous Networking for Quality, Reliability, Security and  Robustness},
        publisher={ACM},
        proceedings_a={QSHINE},
        year={2007},
        month={8},
        keywords={Security},
        doi={10.1145/1577222.1577285}
    }
    
  • Katrin Hoeper
    Lidong Chen
    Year: 2007
    Where EAP Security Claims Fail
    QSHINE
    ACM
    DOI: 10.1145/1577222.1577285
Katrin Hoeper1,*, Lidong Chen2,*
  • 1: Department of Electrical and Computer Engineering University of Waterloo Waterloo, Ontario, N2L 3G1, Canada
  • 2: Computer Security Division National Institute of Standards and Technology (NIST) Gaithersburg, MD 20878, USA
*Contact email: khoeper@uwaterloo.ca, llchen@nist.gov

Abstract

The Extensible Authentication Protocol (EAP) is widely used as an authentication framework to control the access to wireless networks, e.g. in IEEE 802.11 and IEEE 802.16 networks. In this paper, we discuss limitations of EAP secu- rity and demonstrate how these limitations can be exploited to launch attacks on existing EAP methods. In particular, we present a series of attacks which cause some standard se- curity claims, namely channel binding, protected ciphersuite negotiation and cryptobinding, to fail and compromise the key exchange, authentication and privacy of EAP communi- cations. Next, we identify the special security challenges of EAP systems that may cause the considered security claims to fail. EAP di®ers from other authentication frameworks as a two party protocol, like IKE and TLS, because it is conducted with three parties involved across two communi- cation links with di®erent media. Another security challenge of EAP is the negotiability of EAP methods, ciphersuites, and protocol versions. These challenges make it di±cult to derive a trust model for EAP and to securely adopt existing protocols. Finally, we conclude with recommendations for more secure EAP implementations.