A Threat Analysis of The Extensible Authentication Protocol

نویسندگان

  • Lei Han
  • Michel Barbeau
چکیده

Acknowledgement I wish to express my sincere gratitude to Professor Michel Barbeau, my supervisor, for his encouragement and guidance during the course of this project. Thank you for always being there and helping me whenever I needed. ii Abstract Security is always a major concern for wireless LAN development. This type of development is suffering today from different security problems due to the fact that it is a wireless technology. Extensible Authentication Protocol (EAP) is widely used in WiFi/802.11 and WiMax/802.16 wireless networks as an authentication solution. This report uncovers the main threats to EAP and some common EAP methods. Specifically EAP-MD5, EAP-LEAP, EAP-TLS, EAP-TTLS and EAP-PEAP are reviewed in detail. A threat analysis is presented and the threat is ranked from three aspects: likelihood, impact, and risk.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

An efficient non-repudiation billing protocol in heterogeneous 3G-WLAN networks

The wireless communication with delivering variety of services to users is growing rapidly in recent years. The third generation of cellular networks (3G), and local wireless networks (WLAN) are the two widely used technologies in wireless networks. 3G networks have the capability of covering a vast area; while, WLAN networks provide higher transmission rates with less coverage. Since the two n...

متن کامل

HMAC-Based Authentication Protocol: Attacks and Improvements

As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...

متن کامل

GSLHA: Group-based Secure Lightweight Handover Authentication Protocol for M2M Communication

Machine to machine (M2M) communication, which is also known as machine type communication (MTC), is one of the most fascinating parts of mobile communication technology and also an important practical application of the Internet of Things. The main objective of this type of communication, is handling massive heterogeneous devices with low network overheads and high security guarantees. Hence, v...

متن کامل

Game-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags

The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...

متن کامل

ارائه طرح احراز اصالت سبک با قابلیت گمنامی و اعتماد در اینترنت اشیا

The Internet of Things (IoT), is a new concept that its emergence has caused ubiquity of sensors in the human life. All data are collected, processed, and transmitted by these sensors. As the number of sensors increases,   the first challenge in establishing a secure connection is authentication between sensors. Anonymity, lightweight, and trust between entities are other main issues that shoul...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006