Paper 2017/253

A Modular Security Analysis of EAP and IEEE 802.11

Chris Brzuska and Håkon Jacobsen

Abstract

We conduct a reduction-based security analysis of the Extensible Authentication Protocol (EAP), a widely used three-party authentication framework. EAP is often found in enterprise networks where it allows a client and an authenticator to establish a shared key with the help of a mutually trusted server. Considered as a three-party authenticated key exchange protocol, we show that the general EAP construction achieves a security notion we call 3P-AKE$^w$. The 3P-AKE$^w$ security notion captures the idea of \emph{weak forward secrecy} and is a simplified three-party version of the well-known eCK model in the two-pass variant. Our analysis is modular and reflects the compositional nature of EAP. Additionally, we show that the security of EAP can easily be upgraded to provide \emph{full} forward secrecy simply by adding a subsequent key-confirmation step between the client and the authenticator. In practice this key-confirmation step is often carried out in the form of a 2P-AKE protocol which uses EAP to bootstrap its authentication. A concrete example is the extremely common IEEE~802.11 protocol used in WLANs. In enterprise settings EAP is often used in conjunction with IEEE~802.11 in order to allow the wireless client to authenticate itself to a wireless access point (the authenticator) through some centrally administrated server. Building on our modular results for EAP, we get as our second major result the first reduction-based security result for IEEE~802.11 combined with EAP.

Metadata
Available format(s)
PDF
Publication info
A major revision of an IACR publication in PKC 2017
Keywords
3P-AKE2P-AKEEAPIEEE 802.11partner functions
Contact author(s)
hakoja @ item ntnu no
History
2017-03-21: revised
2017-03-20: received
See all versions
Short URL
https://ia.cr/2017/253
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/253,
      author = {Chris Brzuska and Håkon Jacobsen},
      title = {A Modular Security Analysis of EAP and IEEE 802.11},
      howpublished = {Cryptology ePrint Archive, Paper 2017/253},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/253}},
      url = {https://eprint.iacr.org/2017/253}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.