EAP
The Extensible Authentication Protocol (EAP) is an authentication framework that forms a basis upon which other authentication schemes rest. It forms a big part of the ratified IEEE 802.11i standard.
As indicated by its name, the EAP framework was designed with extensibility and authentication in mind. For the authentication component, various credentials such as usernames, passphrases, digital certificates, smart cards, and one-time passwords are acceptable.
The extensibility component of EAP implies several things as follows:
- Arbitrary authentication mechanisms can be designed around it.
- The base EAP specification can be kept simple and lightweight.
- Advanced features and their resulting complexity can be abstracted away from EAP and implemented in the solutions that use EAP.
- EAP is relatively future-proof. As technology advances and new demands are placed on existing solutions, EAP can easily adapt to accommodate these changes.
EAP can be encapsulated inside any Data Link layer protocol such as Ethernet, Point-Point-Protocol (PPP), IEEE 802.11 frames, and so on.
In this tutorial:
- Securing Wireless Networks
- Security Background
- Security Services
- Cryptographic Concepts and Terms
- Encryption and Decryption
- Keyspace
- Exclusive OR (XOR)
- Algorithm
- Asymmetric Encryption Algorithms
- Public-Private Key Cryptography
- Cipher
- Concealment Ciphers vs. Running Key Ciphers
- Stream Ciphers vs. Block Ciphers
- Cipher Examples
- Cipher Implementations
- Wi-Fi Protected Access
- TKIP/WPA
- Wi-Fi Protected Access 2 (WPA2)
- CCMP/AES
- Hash Functions
- EAP
- EAP Entities
- EAP Grammar
- EAP Types
- EAP-TTLS
- EAP-PSK
- EAP-SIM
- EAP-AKA
- IEEE 802.11i
- Four-Way Handshake
- IEEE 802.11i Considerations