Recommendation for EAP Methods Used in Wireless Network Access Authentication [September 2009]

This Recommendation specifies security requirements for authentication methods with key establishment supported by the Extensible Authentication Protocol (EAP) defined in IETF RFC 3748 for wireless access authentications to federal networks.

[1]  Bernard Aboba,et al.  Extensible Authentication Protocol (EAP) , 2004, RFC.

[2]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[3]  Dan Simon,et al.  The EAP-TLS Authentication Protocol , 2008, RFC.

[4]  Shirley M. Radack Updated Digital Signature Standard Approved as Federal Information Processing Standard (FIPS)186-3 | NIST , 2009 .

[5]  Morris J. Dworkin,et al.  SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC , 2007 .

[6]  Lidong Chen,et al.  SP 800-120. Recommendation for EAP Methods Used in Wireless Network Access Authentication , 2009 .

[7]  Hao Zhou,et al.  The Flexible Authentication via Secure Tunneling Extensible Authentication Protocol Method (EAP-FAST) , 2007, RFC.

[8]  William M. Daley,et al.  Digital Signature Standard (DSS) , 2000 .

[9]  Elaine B. Barker,et al.  The Keyed-Hash Message Authentication Code (HMAC) | NIST , 2002 .

[10]  Elaine B. Barker,et al.  SP 800-56B. Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography , 2009 .

[11]  Elaine B. Barker,et al.  SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised) , 2007 .

[12]  William C. Barker,et al.  TECHNOLOGY ADMINISTRATION , 2004 .

[13]  Morris J. Dworkin SP 800-38C. Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2004 .

[14]  Morris J. Dworkin,et al.  SP 800-38B. Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication , 2005 .

[15]  Simon Blake-Wilson,et al.  Funk Request for Comments : 5281 Unaffiliated Category : Informational , 2008 .

[16]  Jari Arkko,et al.  Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA) , 2006, RFC.

[17]  Lidong Chen,et al.  Where EAP security claims fail , 2007, QSHINE.

[18]  Dirk Fox,et al.  Digital Signature Standard (DSS) , 2001, Datenschutz und Datensicherheit.

[19]  Bernard Aboba,et al.  RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP) , 2003, RFC.

[20]  Russ Housley,et al.  Guidance for Authentication, Authorization, and Accounting (AAA) Key Management , 2007, RFC.

[21]  Bernard Aboba,et al.  Extensible Authentication Protocol (EAP) Method Requirements for Wireless LANs , 2005, RFC.

[22]  Morris Dworkin,et al.  Special Publication 800-38C, Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2003 .

[23]  Vidya Narayanan,et al.  EAP Extensions for EAP Re-authentication Protocol (ERP) , 2008, RFC.

[24]  Valtteri Niemi,et al.  Man-in-the-Middle in Tunnelled Authentication Protocols , 2003, Security Protocols Workshop.

[25]  T. Charles Clancy,et al.  Making the case for EAP channel bindings , 2009, 2009 IEEE Sarnoff Symposium.

[26]  Jari Arkko,et al.  Improved Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA') , 2009, RFC.

[27]  James H. Burrows,et al.  Secure Hash Standard , 1995 .

[28]  Valtteri Niemi,et al.  Man-in-the-Middle in Tunneled Authentication Protocols , 2002 .

[29]  Steve Hanna,et al.  Requirements for an Tunnel Based EAP Method , 2008 .

[30]  Lidong Chen,et al.  Recommendation for Key Derivation Using Pseudorandom Functions (Revised) , 2009 .

[31]  Glen Zorn,et al.  Diameter Extensible Authentication Protocol (EAP) Application , 2005, RFC.

[32]  Hannes Tschofenig,et al.  Extensible Authentication Protocol - Generalized Pre-Shared Key (EAP-GPSK) Method , 2009, RFC.

[33]  Elaine B. Barker,et al.  SP 800-57. Recommendation for Key Management, Part 1: General (revised) , 2007 .

[34]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[35]  Abhijit Choudhury,et al.  AES Galois Counter Mode (GCM) Cipher Suites for TLS , 2008, RFC.

[36]  Vidya Narayanan,et al.  Specification for the Derivation of Root Keys from an Extended Master Session Key (EMSK) , 2008, RFC.

[37]  Dan Simon,et al.  Extensible Authentication Protocol (eap) Key Management Framework , 2007 .