Implementation of EAP authentication into IKEv2 protocol

نویسندگان

  • Jelena Vučak
  • Leonardo Jelenković
  • Marin Golub
چکیده

IKEv2 is a protocol for exchanging keys in the IPsec architecture. In it's specification, EAP was proposed as one of the authentication mechanisms. EAP is extensible authentication protocol based on client/server architecture and allows introduction of additional EAP methods. Implementation of this protocol is complex and in our project it was decided to include one of the existing implementations of EAP into IKEv2 protocol. WPA_supplicant implementation is chosen for peer and this article mainly describes how it was included. IKEv2 responder, on the other side, will rely on RADIUS server for EAP. Therefore it should provide protocol traverse between IKEv2 and RADIUS, both encapsulating EAP packets.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

The Extensible Authentication Protocol-Internet Key Exchange Protocol version 2 (EAP-IKEv2) Method

This document specifies EAP-IKEv2, an Extensible Authentication Protocol (EAP) method that is based on the Internet Key Exchange (IKEv2) protocol. EAP-IKEv2 provides mutual authentication and session key establishment between an EAP peer and an EAP server. It supports authentication techniques that are based on passwords, high-entropy shared keys, and public key certificates. EAP-IKEv2 further ...

متن کامل

A Measurement Study on IKEv2 Authentication Performance in Wireless Networks

This paper presents an experimental evaluation of the performance costs of a wide variety of authentication methods over IKEv2 in wireless networks. The studied methods are preshared keys (PSK), extensible authentication protocol (EAP) using MD5, SIM, TTLS-MD5, TLS, and PEAP-MSCHAPv2. For the EAP-based methods RADIUS is used as authentication, authorization, and accounting (AAA) server. Two net...

متن کامل

CGA as alternative security credentials with IKEv2: implementation and analysis

Internet Protocol security (IPsec) is a protocol suite enabling secure IP communications by authentication and/or encryption. Internet Key Exchange version 2 (IKEv2) mechanism is recommended to configure dynamically IPsec between IP nodes and the authentication of each peer is usually based on either pre-shared keys, X.509 certificates or Extensible Authentication Protocol (EAP). However, these...

متن کامل

Diameter IKEv 2 SK : Using Shared Keys to Support Interaction between

The Internet Key Exchange Protocol version 2 (IKEv2) is a component of the IPsec architecture and is used to perform mutual authentication as well as to establish and to maintain IPsec Security Associations (SAs) between the respective parties. IKEv2 supports several different authentication mechanisms, such as the Extensible Authentication Protocol (EAP), certificates, and Shared Key (SK). Dia...

متن کامل

RFC 5998 Extension for EAP in IKEv 2 September 2010

IKEv2 specifies that Extensible Authentication Protocol (EAP) authentication must be used together with responder authentication based on public key signatures. This is necessary with old EAP methods that provide only unilateral authentication using, e.g., one-time passwords or token cards. This document specifies how EAP methods that provide mutual authentication and key agreement can be used ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2007