A Threat Analysis of The Extensible Authentication Protocol
نویسندگان
چکیده
Acknowledgement I wish to express my sincere gratitude to Professor Michel Barbeau, my supervisor, for his encouragement and guidance during the course of this project. Thank you for always being there and helping me whenever I needed. ii Abstract Security is always a major concern for wireless LAN development. This type of development is suffering today from different security problems due to the fact that it is a wireless technology. Extensible Authentication Protocol (EAP) is widely used in WiFi/802.11 and WiMax/802.16 wireless networks as an authentication solution. This report uncovers the main threats to EAP and some common EAP methods. Specifically EAP-MD5, EAP-LEAP, EAP-TLS, EAP-TTLS and EAP-PEAP are reviewed in detail. A threat analysis is presented and the threat is ranked from three aspects: likelihood, impact, and risk.
منابع مشابه
An efficient non-repudiation billing protocol in heterogeneous 3G-WLAN networks
The wireless communication with delivering variety of services to users is growing rapidly in recent years. The third generation of cellular networks (3G), and local wireless networks (WLAN) are the two widely used technologies in wireless networks. 3G networks have the capability of covering a vast area; while, WLAN networks provide higher transmission rates with less coverage. Since the two n...
متن کاملHMAC-Based Authentication Protocol: Attacks and Improvements
As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...
متن کاملGSLHA: Group-based Secure Lightweight Handover Authentication Protocol for M2M Communication
Machine to machine (M2M) communication, which is also known as machine type communication (MTC), is one of the most fascinating parts of mobile communication technology and also an important practical application of the Internet of Things. The main objective of this type of communication, is handling massive heterogeneous devices with low network overheads and high security guarantees. Hence, v...
متن کاملGame-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags
The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...
متن کاملارائه طرح احراز اصالت سبک با قابلیت گمنامی و اعتماد در اینترنت اشیا
The Internet of Things (IoT), is a new concept that its emergence has caused ubiquity of sensors in the human life. All data are collected, processed, and transmitted by these sensors. As the number of sensors increases, the first challenge in establishing a secure connection is authentication between sensors. Anonymity, lightweight, and trust between entities are other main issues that shoul...
متن کامل