Extensible Authentication Protocol, Protected EAP, and Temporal Key Integrity Protocol
Extensible Authentication Protocol (EAP) enables the dynamic selection of the authentication mechanism at authentication time based on information transmitted in the Access-Request (that is, via RADIUS). PPP also supports EAP during the link establishment phase.
EAP allows the authenticator to request more information before determining the specific authentication mechanism.
A proposal jointly submitted to the IEEE by Cisco Systems, Microsoft, and various other organizations introduced Protected EAP (PEAP), an EAP method that provides enhanced functionality and security features to wireless networks. PEAP is today's preferred authentication mechanism in wireless networks.
PEAP provides the following security benefits:
- Relies on Transport Layer Security (TLS) to protect authentication types that are not themselves encrypted, such as EAP-Generic Token Card (GTC) and One Time Password (OTP).
- Uses server-side PKI-based digital certification authentication.
- Allows authentication to an extended suite of directories, including Lightweight Directory Access Protocol (LDAP), Novell NDS, and OTP databases.
- Uses TLS to encrypt all user-sensitive authentication information.
- Supports password change at expiration.
- Does not expose the logon username in the EAP identity response.
- Is not vulnerable to dictionary attacks.
This functionality lets wireless client adapters, which may support different authentication types, communicate with different back-end servers such as RADIUS servers. EAP can be used with wired networks as well.
Microsoft Windows XP supports an extension to EAP, namely Extensible Authentication Protocol Transport Layer Security (EAP-TLS). Hence, a number of options are available to end users so that authentication may be completed securely over a wireless network. Recently Microsoft has added support for EAP-TLS and PEAP to several of its operating systems.
Figure 4-17 displays a typical wireless network in which a user labeled PEAP Client is required to authenticate to either a Cisco Secure ACS or the Cisco Access Registrar. The Cisco Access Registrar is based on a client/server model, which supports AAA. The client passes user information on to the RADIUS server and acts on the response it receives. The server, on the other hand, is responsible for receiving user access requests, authenticating and authorizing users, and returning all of the necessary configuration information the client can then pass on to the user.
Figure 4-17 PEAP Sample Deployment
Figure 4-17 displays a Windows XP client trying to associate with a wireless access point—the first step the client performs. The second step is that the access point in Figure 4-17 blocks the request because the client has not been verified by the RADIUS server.
Figure 4-18 displays the next six steps in the PEAP authentication process.
Figure 4-18 PEAP Authentication Process
The eight-step process in Figure 4-17 and Figure 4-18 starts with the client's attempt to authenticate with the RADIUS server. Once a valid username and password are exchanged, the RADIUS server and client establish a common key used to send and receive data over a secured wireless connection.
The Cisco Wireless Security Suite supports IEEE 802.1X authentication and numerous EAP types, including EAP Cisco Wireless (LEAP), EAP-Transport Layer Security (EAP-TLS), and types that operate over EAP-TLS, such as PEAP, EAP-Tunneled TLS (EAP-TTLS), and EAP-Subscriber Identity Module (EAP-SIM). The suite also supports a pre-standard version of Temporal Key Integrity Protocol (TKIP).
TKIP defends against an attack on Wired Equivalent Privacy (WEP) in which the intruder uses an unencrypted segment called the initialization vector (IV) in encrypted packets to calculate the WEP key. TKIP removes the predictability that an intruder relies on to determine the WEP key by exploiting IVs. TKIP protects both unicast and broadcast WEP keys.
TKIP provides enhancements to 128-bit encryption. One such enhancement is per-packet key hashing, where the encryption key is changed on each packet. This feature helps combat a common WLAN hacking tool called AirSnort, freely available at http://airsnort.shmoo.com/, which takes advantage of a weakness in WEP encryption when static WEP keys are not changed during a session. It must be pointed out, however, that even with TKIP, the session key needs to be changed before the IV space recycles at 16.7 million packets.
Another important new security advance with TKIP is Message Integrity Check (MIC). With MIC, a digital signature is included with every frame sent, neutralizing the man-in-the-middle attack by hackers who can capture a wireless packet, modify it, and resend it.
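As an added example (not from the text and not Cisco's code), the following Python implements Michael, the MIC algorithm TKIP attaches to each frame, and checks it against the IEEE 802.11i all-zero-key test vector; the demo key and frame bytes are constructed, and in a real TKIP frame the MIC input is the DA, SA, priority, three zero bytes and the MSDU.

```python
# Added example, not from the text: Michael, the TKIP Message Integrity Check,
# with the all-zero-key/empty-message test vector from IEEE 802.11i.
import hmac
import struct

MASK = 0xFFFFFFFF

def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK

def _rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & MASK

def _xswap(x):
    # Swap the two bytes inside each 16-bit half of the word.
    return ((x & 0xFF00FF00) >> 8) | ((x & 0x00FF00FF) << 8)

def _block(l, r):
    # Michael block function: four xor/rotate/add rounds on two 32-bit words.
    r ^= _rotl(l, 17); l = (l + r) & MASK
    r ^= _xswap(l);    l = (l + r) & MASK
    r ^= _rotl(l, 3);  l = (l + r) & MASK
    r ^= _rotr(l, 2);  l = (l + r) & MASK
    return l, r

def michael(key, msg):
    """8-byte Michael MIC of msg under a 64-bit key (two little-endian words)."""
    if len(key) != 8:
        raise ValueError("Michael key must be 8 bytes")
    l, r = struct.unpack("<II", key)
    # Pad with 0x5a, four zero bytes, then zeros up to a 4-byte boundary.
    data = msg + b"\x5a" + b"\x00" * 4
    data += b"\x00" * (-len(data) % 4)
    for (word,) in struct.iter_unpack("<I", data):
        l ^= word
        l, r = _block(l, r)
    return struct.pack("<II", l, r)

def mic_valid(key, msg, received_mic):
    """Receiver-side check: constant-time comparison of the recomputed MIC."""
    return hmac.compare_digest(michael(key, msg), received_mic)

# In TKIP the MIC covers DA, SA, a priority byte, three zero bytes and the
# MSDU payload; these constructed bytes stand in for that input.
MIC_KEY = bytes(range(8))                                   # constructed demo key
FRAME   = b"\xaa" * 6 + b"\xbb" * 6 + b"\x00" * 4 + b"hello wlan"
```

A frame whose payload is altered in transit fails mic_valid, which is the check that defeats the capture, modify, resend attack described above.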
TKIP and MIC are easily deployed on an access point. The following list details the simple three-step IOS configuration process:
- Step 1. Enter global configuration mode: configure terminal
- Step 2. Enter interface configuration mode for the radio interface: interface dot11radio 0
- Step 3. Enable WEP, MIC, and TKIP: encryption [vlan vlan-id] mode wep {optional [key-hash] | mandatory [mic] [key-hash]}
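As an added example (not from the text and not a Cisco tool), the following Python parses a constructed Cisco Aironet IOS running-config excerpt and flags every radio interface whose encryption line lacks the key-hash (TKIP) or mic options that Step 3 enables; the interface name form Dot11Radio0 is how IOS displays the interface entered as dot11radio 0.

```python
# Added example, not from the text: audit a Cisco Aironet IOS running-config
# for radio interfaces whose WEP mode lacks TKIP key hashing and MIC.
import re

# Constructed sample running-config excerpt (not taken from a real device).
SAMPLE_CONFIG = """\
interface Dot11Radio0
 encryption mode wep mandatory mic key-hash
interface Dot11Radio1
 encryption vlan 10 mode wep mandatory
 encryption vlan 20 mode wep optional key-hash
interface FastEthernet0
 no ip address
"""
# Matches: encryption [vlan <id>] mode wep {optional|mandatory} [mic] [key-hash]
ENC_RE = re.compile(r"^\s*encryption(?:\s+vlan\s+(\d+))?\s+mode\s+wep"
                    r"\s+(optional|mandatory)((?:\s+\S+)*)\s*$")

def parse_radio_encryption(config):
    """Map each radio interface to {vlan_or_None: {'mode','mic','key_hash'}}."""
    radios, iface = {}, None
    for line in config.splitlines():
        m = re.match(r"^interface\s+(\S+)", line)
        if m:   # only Dot11Radio interfaces carry WEP/TKIP settings
            name = m.group(1)
            iface = name if name.lower().startswith("dot11radio") else None
            if iface:
                radios.setdefault(iface, {})
            continue
        m = ENC_RE.match(line) if iface else None
        if m:
            opts = m.group(3).split()
            radios[iface][m.group(1)] = {"mode": m.group(2), "mic": "mic" in opts,
                                         "key_hash": "key-hash" in opts}
    return radios

def audit(config):
    """One finding string per weak setting; empty list when all radios are OK."""
    findings = []
    for iface, entries in parse_radio_encryption(config).items():
        for vlan, e in entries.items():
            where = iface + (f" vlan {vlan}" if vlan else "")
            if e["mode"] == "optional":
                findings.append(f"{where}: WEP optional, unencrypted clients accepted")
            if not e["key_hash"]:
                findings.append(f"{where}: no key-hash (static WEP key for the session)")
            if not e["mic"]:
                findings.append(f"{where}: no mic (frames not integrity-checked)")
    return findings
```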