Abstract
In recent years, amendments to IEEE standards for wireless networks added support for authentication algorithms based on the Extensible Authentication Protocol (EAP). Available solutions generally use digital certificates or pre-shared keys but the management of the resulting implementations is complex or unlikely to be scalable. In this paper we present EAP-SRP-256, an authentication method proposal that relies on the SRP-6 protocol and provides a strong password-based authentication mechanism. It is intended to meet the IETF security and key management requirements for wireless networks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J.: Extensible authentication protocol (EAP). RFC 3748 (Obsoletes RFC 2284) (2004)
Stanley, E.A.: EAP method requirements for WLAN. RFC 4017 (2005)
Bernard Aboba, E.A.: Extensible authentication protocol (EAP) key management framework. IETF Internet draft (Work in Progress) (June 2006)
Aboba, B., Simon, D.: PPP EAP TLS authentication protocol. RFC 2716 (1999)
Palekar, A., Simon, D., Salowey, J., Zhou, H., Zorn, G., Josefsson, S.: Protected EAP protocol (PEAP) version 2. IETF Internet draft (Work in Progress) (2004)
Funk, P.: EAP tunneled TLS authentication protocol version 0 (EAP-TTLSv0). IETF Internet draft (Work in Progress) (February 2005)
Bersani, F., Tschofenig, H.: The EAP-PSK protocol: A pre-shared key extensible authentication protocol (EAP) method. RFC 4764 (2007)
Skoudis, E.: Counter Hack - A step-by-step Guide to Computer Attacks and Effective Defenses. Prentice-Hall, Englewood Cliffs (2002)
Wu, T.: The secure remote password protocol. In: Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, San Diego, CA, pp. 97–111 (November 1997)
Wu, T.: SRP-6: Improvements and refinements to the secure remore password protocol. Submission to the IEEE P1363 Working Group (October 2002)
IEEE P1363.2: Draft standard specifications for password-based public key cryptographic techniques (2006)
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)
Taylor, D., Wu, T., Mavrogiannopoulos, N., Perrin, T.: Using SRP for TLS authentication. IETF Internet draft (Work in Progress) (June 2006)
Hoffman, P., Schneier, B.: Attacks on cryptographic hashes in internet protocols. RFC 4270 (2005)
Dolev, D., Yao, A.C.: On the security of public key protocols. Technical report, Stanford, CA, USA (1981)
Millen, J., Shmatikov, V.: Symbolic protocol analysis with products and diffie-hellman exponentiation (2003)
Heintze, N., Tygar, J.D.: A model for secure protocols and their compositions. Software Engineering 22(1), 16–30 (1996)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–156. Springer, Heidelberg (2000)
Bellare, M., Rogaway, P.: The AuthA protocol for password-based authenticated key exchange. Technical report, Contribution to the IEEE P1363 study group for Future PKC Standards (2000)
Zhao, Z., Dong, Z., Wang, Y.: Security analysis of a password-based authentication protocol proposed to IEEE 1363. Theor. Comput. Sci. 352(1), 280–287 (2006)
Ferguson, N., Schneier, B.: Practical Cryptography. Wiley Publishing Inc., Chichester (2003)
Manganaro, A.: Studio di un metodo di autenticazione per le reti wireless basato sul protocollo SRP-6, Master Thesis (December 2005)
Koblensky, M.: Implementazione del protocollo di autenticazione EAP-SRP-256, Master Thesis (December 2006)
IEEE Std. 802.1X: Port based network access control (2004)
Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, New York (2002)
Dworkin, M.: Recommendation for block cipher modes of operation - methods and techniques. NIST Special Publication 800-38A, National Institute of Standards and Technology (2001)
Dobbertin, H., Knudsen, L.R., Robshaw, M.J.B.: The cryptanalysis of the AES - a brief survey. In: AES Conference, pp. 1–10 (2004)
Krawczyk, H., Bellare, M., Canetti, R.: HMAC: Keyed-hashing for message authentication. RFC 2104 (1997)
Wagner, D., Schneier, B.: Analysis of the SSL 3.0 protocol. In: Proceedings of the Second USENIX Workshop on Electronic Commerce, Oakland, California (November 1996)
Gilbert, H.: The security of one-block-to-many modes of operation. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 376–395. Springer, Heidelberg (2003)
Luby, M., Rackoff, C.: How to construct pseudorandom permutations from random functions. SIAM J. Computing 17(2) (1988)
IEEE Std. 802.11i: Wireless LAN medium access control (MAC) and physical layer (PHY) specification - Amendment 6: Medium access control (MAC) security enhancements (2004)
ANSI X9.31: Digital signatures using reversible public key cryptography for the financial services industry (rDSA) (1998)
FIPS 140-2 Annex C: Approved random number generators for FIPS PUB 140-2 (January 2005)
Keller, S.S.: NIST-Recommended random number generator based on ANSI X9.31 Appendix A.2.4 using the 3-key triple DES and AES algorithms. NIST Information Technology Laboratory - Computer Security Division, National Institute of Standards and Technology (2005)
Eastlake, D., Schiller, J.I., Crocker, S.: Randomness requirements for security. RFC 4086 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Manganaro, A., Koblensky, M., Loreti, M. (2008). Design of a Password-Based EAP Method. In: Filipe, J., Obaidat, M.S. (eds) E-business and Telecommunications. ICETE 2007. Communications in Computer and Information Science, vol 23. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88653-2_26
Download citation
DOI: https://doi.org/10.1007/978-3-540-88653-2_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88652-5
Online ISBN: 978-3-540-88653-2
eBook Packages: Computer ScienceComputer Science (R0)