EAP methods for wireless networks

This paper presents an overview and analysis of Extensible Authentication Protocol (EAP) and its place in securing wireless LANs. A number of specific widely used EAP methods are examined and evaluated for their advantages and susceptibility to types of attack. Next we propose suitable EAP methods for wireless technologies beyond LANs, including RFID and WiMAX. After analyzing requirements for different wireless networks, we conclude that a new lightweight and secure EAP method is warranted for fixed mobile convergence interoperability.

[1]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[2]  Henry Haverinen,et al.  Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM) , 2006, RFC.

[3]  Bernard Aboba,et al.  Extensible Authentication Protocol (EAP) Method Requirements for Wireless LANs , 2005, RFC.

[4]  Mohan Parthasarathy,et al.  Protocol for Carrying Authentication and Network Access (PANA) Threat Analysis and Security Requirements , 2005, RFC.

[5]  Reinaldo Penno,et al.  Protocol for Carrying Authentication for Network Access (PANA) Requirements , 2005, RFC.

[6]  Larry J. Blunk,et al.  PPP Extensible Authentication Protocol (EAP) , 1998, RFC.

[7]  David A. Wagner,et al.  Intercepting mobile communications: the insecurity of 802.11 , 2001, MobiCom '01.

[8]  H. Boland,et al.  Security issues of the IEEE 802.11b wireless LAN , 2004, Canadian Conference on Electrical and Computer Engineering 2004 (IEEE Cat. No.04CH37513).

[9]  Ryuji Wakikawa,et al.  Network Mobility (NEMO) Basic Support Protocol , 2005, RFC.

[10]  David Johnston,et al.  Overview of IEEE 802.16 security , 2004, IEEE Security & Privacy Magazine.

[11]  Simon Blake-Wilson,et al.  EAP Tunneled TLS Authentication Protocol Version 1 (EAP-TTLSv1) , 2006 .

[12]  Jari Arkko,et al.  Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA) , 2006, RFC.

[13]  Ieee Microwave Theory,et al.  IEEE Standard for Local and Metropolitan Area Networks Part 16: Air Interface for Fixed Broadband Wireless Access Systems Draft Amendment: Management Information Base Extensions , 2007 .

[14]  Bernard Aboba,et al.  Extensible Authentication Protocol (EAP) , 2004, RFC.

[15]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[16]  WalkerJesse,et al.  Overview of IEEE 802.16 Security , 2004, S&P 2004.

[17]  Koutarou Suzuki,et al.  RFID Privacy Issues and Technical Challenges , 2005, IEEE Engineering Management Review.