Design of a Password-Based EAP Method

  • Conference paper
E-business and Telecommunications (ICETE 2007)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 23)

Abstract

In recent years, amendments to IEEE standards for wireless networks added support for authentication algorithms based on the Extensible Authentication Protocol (EAP). Available solutions generally use digital certificates or pre-shared keys but the management of the resulting implementations is complex or unlikely to be scalable. In this paper we present EAP-SRP-256, an authentication method proposal that relies on the SRP-6 protocol and provides a strong password-based authentication mechanism. It is intended to meet the IETF security and key management requirements for wireless networks.

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Manganaro, A., Koblensky, M., Loreti, M. (2008). Design of a Password-Based EAP Method. In: Filipe, J., Obaidat, M.S. (eds) E-business and Telecommunications. ICETE 2007. Communications in Computer and Information Science, vol 23. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88653-2_26

  • DOI: https://doi.org/10.1007/978-3-540-88653-2_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-88652-5

  • Online ISBN: 978-3-540-88653-2

  • eBook Packages: Computer Science, Computer Science (R0)
