Networking / Beginners

EAP

The Extensible Authentication Protocol (EAP) is an authentication framework that forms a basis upon which other authentication schemes rest. It forms a big part of the ratified IEEE 802.11i standard.

As indicated by its name, the EAP framework was designed with extensibility and authentication in mind. For the authentication component, various credentials such as usernames, passphrases, digital certificates, smart cards, and one-time passwords are acceptable.

The extensibility component of EAP implies several things as follows:

  • Arbitrary authentication mechanisms can be designed around it.
  • The base EAP specification can be kept simple and lightweight.
  • Advanced features and their resulting complexity can be abstracted away from EAP and implemented in the solutions that use EAP.
  • EAP is relatively future-proof. As technology advances and new demands are placed on existing solutions, EAP can easily adapt to accommodate these changes.

EAP can be encapsulated inside any Data Link layer protocol such as Ethernet, Point-Point-Protocol (PPP), IEEE 802.11 frames, and so on.

[Previous] [Contents] [Next]

In this tutorial:

  1. Securing Wireless Networks
  2. Security Background
  3. Security Services
  4. Cryptographic Concepts and Terms
  5. Encryption and Decryption
  6. Keyspace
  7. Exclusive OR (XOR)
  8. Algorithm
  9. Asymmetric Encryption Algorithms
  10. Public-Private Key Cryptography
  11. Cipher
  12. Concealment Ciphers vs. Running Key Ciphers
  13. Stream Ciphers vs. Block Ciphers
  14. Cipher Examples
  15. Cipher Implementations
  16. Wi-Fi Protected Access
  17. TKIP/WPA
  18. Wi-Fi Protected Access 2 (WPA2)
  19. CCMP/AES
  20. Hash Functions
  21. EAP
  22. EAP Entities
  23. EAP Grammar
  24. EAP Types
  25. EAP-TTLS
  26. EAP-PSK
  27. EAP-SIM
  28. EAP-AKA
  29. IEEE 802.11i
  30. Four-Way Handshake
  31. IEEE 802.11i Considerations