Additionally, we show that the security of EAP can easily be upgraded to provide \emph{full} forward secrecy simply by adding a subsequent key-confirmation step between the client and the authenticator. In practice this key-confirmation step is often carried out in the form of a 2P-AKE protocol which uses EAP to bootstrap its authentication. A concrete example is the extremely common IEEE~802.11 protocol used in WLANs. In enterprise settings EAP is often used in conjunction with IEEE~802.11 in order to allow the wireless client to authenticate itself to a wireless access point (the authenticator) through some centrally administrated server. Building on our modular results for EAP, we get as our second major result the first reduction-based security result for IEEE~802.11 combined with EAP.
Category / Keywords: 3P-AKE,2P-AKE,EAP,IEEE 802.11, partner functions Original Publication (with major differences): IACR-PKC-2017 Date: received 19 Mar 2017, last revised 21 Mar 2017 Contact author: hakoja at item ntnu no Available format(s): PDF | BibTeX Citation Version: 20170321:144617 (All versions of this report) Short URL: ia.cr/2017/253 Discussion forum: Show discussion | Start new discussion