An Idea to Increase the Security of EAP-MD5 Protocol Against Dictionary Attack

IEEE 802.1X is an international standard for port-based network access control that provides authentication for devices requesting access to either a local network or a wireless local network. The standard defines the encapsulation of the EAP protocol over IEEE 802. Under this standard, authentication protocols become a complementary part of network security. The protocols of the EAP family vary in speed and security. One of the fastest is EAP-MD5, which is the main subject of this paper. Moreover, in order to improve the security of EAP-MD5, a series of attacks against it have been investigated. This paper first introduces the EAP-MD5 protocol briefly and describes a series of dictionary attacks against it. Then, based on the observed weaknesses, it proposes an idea that improves the protocol's security against dictionary attack while maintaining its speed of execution.
