
EAP Authentication Protocols for WLANs

This chapter examines the authentication methods: EAP, PEAP, LEAP, and the newer, emerging paradigm EAP-FAST, and weighs the pros and cons of each, in terms of standardization maturity and effectiveness.
This chapter is from the book

The second in the WLAN authentication trilogy of chapters, this chapter examines the various authentication protocols such as the Extensible Authentication Protocol (EAP), Protected EAP (PEAP), the Lightweight Extensible Authentication Protocol (LEAP), and EAP-Flexible Authentication via Secure Tunneling (EAP-FAST). This chapter begins with a look at the fundamental concepts and contexts of authentication and access control; next, it discusses the various protocols such as EAP and 802.1x.

Notice the slow progression out of the basic 802.11 standards as you begin to leverage other standards: IEEE, the Internet Engineering Task Force (IETF), and sometimes even proprietary standards. You will see how the various protocols add more security features such as encrypted tunnels for exchanging various information (authentication, credentials, and other data), dynamic key distribution and rotation, authenticating the user rather than the device, and applying identity-based mechanisms and systems that are part of the administrative domain in enterprises.

Access Control and Authentication Mechanisms

Before allowing entities to access a network and its associated resources, the general mechanism is to authenticate the entity (a device and/or user) and then allow authorization based on the identity. The most common access control is binary: It either allows access or denies access based on membership in a group.

The different layers, standards, and conceptual entities in the EAP/802.1x world are seen in Figure 7-1.

Figure 7-1 Layered Authentication Framework

The Three-Party Model

The authentication is based on a three-party model: the supplicant, which requires access; the authenticator, which grants access; and the authentication server, which gives permission.

The supplicant has an identity and some credentials to prove that it is who it claims to be. The supplicant is connected to the network through an authenticator's port that is access controlled. The port concept is important because it acts as the choke point for the supplicant's access to the network resources. The access to the network can be controlled at a single point. The supplicant is called a peer in the IETF RFCs and drafts.

The authenticator itself does not know whether an entity can be allowed access; that is the function of the authentication server. In the IETF world, the authenticator is referred to as the network access server (NAS) or Remote Authentication Dial-In User Service (RADIUS) client.

Let's look at the big picture before discussing the details. The supplicant initiates an access request, and the authenticator starts an EAP message exchange. (In the stricter sense of the standards, such as 802.1x, the supplicant does not necessarily always initiate the access request; the authenticator can initiate an authentication request when it senses a disabled-to-enabled state transition of a port.) At some point, the authenticator communicates with the authentication server, which decides on an authentication protocol. A set of exchanges then occurs between the supplicant, the authenticator, and the server; at the end of this exchange, a success or failure state is reached. If the authentication succeeds, the authenticator allows network access to the supplicant through the port. The authenticator also keeps a security context with the supplicant-port pair. This context could trigger many things, including a timeout if the authentication is only for a period of time (for example, billed access in a public WLAN scenario).

Layered Framework for Authentication

As shown in Figure 7-1, the authentication model is a layered one and has well-defined functionalities and protocols defining each layer and the interfaces between them. The access media (Step 1 in Figure 7-1) can be any of the 802 media: Ethernet, Token Ring, WLAN, or the original media in the serial Point-to-Point Protocol (PPP) link. The EAP specifications provide a framework for exchanging authentication information (Step 2 in Figure 7-1) after the link layer is established. The exchange does not even need IP. It is the function of the transport protocol layer (Step 3 in Figure 7-1) to specify how EAP messages can be exchanged over LAN, which is what 802.1x (and to some extent some parts of 802.11i) does. The actual authentication process (Step 4 in Figure 7-1) is the one that defines how and what credentials should be exchanged. Bear in mind that this framework still does not say how the authorization should be done, such as what decisions are made and when. This functionality is completely left to the domain.

Table 7-1 lists the major standards and efforts in the authentication framework domain. This chapter covers the different flavors of EAP. Hopefully, this table will enable you to dig deeper into the areas in which you are interested.

Table 7-1 Specifications and Standards in the Authentication Framework Domain

Domain: Access Method
  • RFC 1661: The Point-to-Point Protocol (PPP)
  • 802.3, 802.5, 802.11 and other standards: IEEE access media standards

Transport Layer Security (TLS)
  • RFC 2246: Transport Layer Security Version 1.0
  • RFC 3268: AES Cipher Suite for TLS
  • RFC 3546: TLS extensions

Domain: Authentication Exchange
  • RFC 2284: PPP Extensible Authentication Protocol (EAP). Original 1998 EAP standard.
  • RFC 3579: RADIUS Support for EAP. Was RFC 2284bis; will supersede RFC 2284.
  • EAP-Support in SmartCard
  • EAP MD5-tunneled authentication protocol
  • EAP-LDAP protocol
  • EAP SIM authentication
  • EAP AKA authentication
  • EAP IKEv2 method
  • EAP GPRS protocol
  • EAP key management framework
  • EAP Archie protocol
  • State machines for EAP peer and authenticator
  • IEEE Std. 802.1X-2001: Port-based network access control
  • Revision of the 802.1x, work-in-progress

Domain: Authentication Process
  • Current RADIUS specification. Supersedes RFC 2138, which in turn supersedes RFC 2058.
  • RFC 2866: RADIUS Accounting. Defines the protocol for carrying accounting information between authenticator and authentication server. Supersedes RFC 2139, which in turn supersedes RFC 2059.
  • RFC 2867: RADIUS Accounting Modifications for Tunnel Protocol Support. Updates RFC 2866.
  • RFC 2868: RADIUS Attributes for Tunnel Protocol Support. Updates RFC 2865.
  • RFC 2809: Implementation of L2TP Compulsory Tunneling via RADIUS
  • RFC 2869: RADIUS Extensions. Adds attributes for carrying AAA information between the authenticator (NAS) and authentication server (shared accounting server).
  • RFC 3576: Dynamic Authorization Extensions to RADIUS
  • RFC 2548: Microsoft Vendor-Specific RADIUS Attributes
  • RFC 3575: IANA Considerations for RADIUS. Describes best practices for registering RADIUS packet types. Updates Section 6 of RFC 2865.
  • RFC 3580: IEEE 802.1x Remote Authentication Dial-In User Service (RADIUS) Usage Guidelines
  • RFC 3162: RADIUS and IPv6
  • RFC 2881: Network Access Server Requirements Next Generation (NASREQNG) NAS Model. Proposes a model for the NAS, that is, the authenticator.
  • RFC 2882: Extended RADIUS Practices
  • RFC 2618, 2619, 2620, and 2621
  • RFC 2607: Proxy Chaining and Policy Implementation in Roaming

One-Time Password (OTP)
  • RFC 2289: A One-Time Password System
  • RFC 2243: OTP Extended Responses

EAP TLS (EAP Transport Layer Security)
  • RFC 2716: PPP EAP TLS Authentication Protocol
  • EAP tunneled TLS authentication protocol
  • RFC 1510: Kerberos V5
  • RFC 2712: Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)
  • RFC 3244: Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols
  • RFC 3546: TLS Extensions. Updates RFC 2246.
  • RFC 3268: AES for TLS
  • RFC 1994: PPP Challenge Handshake Authentication Protocol (CHAP)
  • RFC 2433: Microsoft PPP CHAP Extensions
  • RFC 2759: Microsoft PPP CHAP Extensions, Version 2

Protected EAP (PEAP)
  • Microsoft PEAP version 0 (implementation in Windows XP SP1)
  • The compound authentication binding problem
  • RFC 3588: Diameter Base Protocol
  • draft-ietf-aaa-diameter-nasreq-13.txt: Diameter Network Access Server Application. Diameter application in the AAA domain.
  • Diameter CMS security application


The EAP, a flexible protocol used to carry arbitrary authentication information, is defined in RFC 2284. (Incidentally, RFC 2284 is only 16 pages long!) A set of RFCs also defines the various authentication processes over EAP, including TLS, TTLS, SmartCard, and SIM. The IETF EAP workgroup is working on a revision of the EAP RFC and has submitted the new document as RFC 3579 (was RFC 2284bis).

EAP has two major features. First, it separates the message exchange from the process of authentication by providing an independent exchange layer. By doing so, it achieves the second characteristic: orthogonal extensibility, meaning that the authentication processes can extend the functionality by adopting a newer mechanism without necessarily effecting a corresponding change in the EAP layer.

EAP Frames, Messages, and Choreography

The basic EAP consists of a set of simple constructs: four message types, two message frames, and an extensible choreography.

The four message types are request, response, success, and failure. Figure 7-2 shows the EAP frame format.

As shown in Figure 7-3, EAP also defines a packet to negotiate the EAP protocol configuration. The EAP protocol is identified by C227 (Hex). This packet will be included in the data field of the EAP frame in Figure 7-2.

Figure 7-2 EAP Frame Format

Figure 7-3 EAP Configuration Negotiation Packet

Depending on the type, the request and response packets include the type field and data, as shown in Figure 7-4.

Figure 7-4 EAP Request/Response Frame

Table 7-2 EAP Packet Types Assigned by IANA

Assigned by RFC
  • Nak (response only)
  • One-Time Password (OTP)
  • Generic Token Card (GTC)
  • Not assigned
  • Not assigned
  • RSA Public Key Authentication
  • DSS Unilateral
  • Defender Token (AXENT)
  • RSA Security SecurID EAP
  • Arcot Systems EAP
  • EAP-Cisco Wireless (LEAP)
  • Nokia IP SmartCard authentication
  • SRP-SHA1 Part 1
  • SRP-SHA1 Part 2
  • Remote Access Service
  • UMTS Authentication and Key Agreement
  • EAP-3Com Wireless
  • Mutual Authentication w/Key Exchange (MAKE)
  • EAP-Actiontec Wireless
  • Cogent Systems Biometrics Authentication EAP
  • AirFortress EAP
  • SecureSuite EAP
  • DeviceConnect EAP
  • Not assigned; can be assigned by IANA on the advice of a designated expert
  • Reserved; requires standards action
  • Expanded types
  • Experimental usage

Figure 7-5 shows the success/failure frame.

Figure 7-5 EAP Success/Failure Frame

The EAP message exchange is basic, as shown in Figure 7-6. EAP starts after the supplicant has data and link layer connectivity (Step 0 in Figure 7-6). The communication between the authenticator and the supplicant is done as a request-response paradigm, meaning a message is sent and the sender waits for a response before sending another message.

The first exchange (Step 1 in Figure 7-6) could be an identity exchange. Even though there is an identity message type, the RFC does not guarantee identity semantics and encourages that the authentication mechanisms not depend on this exchange for identity and have their own identity-recognition mechanisms. Moreover, the initial exchange would most likely be in cleartext; therefore, it is a security vulnerability.

Figure 7-6 EAP Message Exchange Framework

In Step 2, all the exchanges between the supplicant, authenticator, and back-end authentication systems are defined by a wide variety of specific RFCs or drafts and authentication mechanisms.

Finally, at some point, the authenticator determines whether the authentication is a success or failure and sends an appropriate message to the supplicant (Step 3 in Figure 7-6).
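To make the frame layout of Figures 7-2, 7-4 and 7-5 and the lock-step request/response rule of Figure 7-6 concrete, here is an added Python example; it is not code from the chapter or from any EAP implementation. The Code values 1 to 4 and the Type numbers for Identity (1), Nak (3), MD5-Challenge (4) and TLS (13) are those of RFC 2284/RFC 3748 and the IANA registry; the Authenticator class, its discard messages and the sample packets are constructed for this example.

```python
import struct
from dataclasses import dataclass
from typing import Optional

# EAP Code field values (RFC 2284 / RFC 3748)
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
# EAP Type field values the chapter refers to (RFC 3748 / IANA registry)
TYPE_IDENTITY, TYPE_NAK, TYPE_MD5_CHALLENGE, TYPE_TLS = 1, 3, 4, 13

# Fixed header: Code (1 byte), Identifier (1 byte), Length (2 bytes, network order).
# Length counts the whole packet including this header.
HEADER = struct.Struct("!BBH")


@dataclass
class EapPacket:
    code: int
    identifier: int
    eap_type: Optional[int]   # None for Success/Failure, which carry no Type field
    type_data: bytes


def parse_eap(buf: bytes) -> EapPacket:
    """Parse one EAP packet; reject malformed input instead of guessing."""
    if len(buf) < HEADER.size:
        raise ValueError("truncated EAP header")
    code, ident, length = HEADER.unpack_from(buf)
    if code not in (EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE):
        raise ValueError(f"unknown EAP code {code}")
    if length < HEADER.size or length > len(buf):
        raise ValueError(f"Length field {length} inconsistent with {len(buf)} bytes received")
    body = buf[HEADER.size:length]          # anything past Length is link-layer padding
    if code in (EAP_SUCCESS, EAP_FAILURE):
        return EapPacket(code, ident, None, b"")
    if not body:
        raise ValueError("Request/Response must carry a Type field")
    return EapPacket(code, ident, body[0], body[1:])


def build_eap(code: int, ident: int, eap_type: Optional[int] = None,
              type_data: bytes = b"") -> bytes:
    """Serialize an EAP packet with a correct Length field."""
    body = b"" if eap_type is None else bytes([eap_type]) + type_data
    return HEADER.pack(code, ident, HEADER.size + len(body)) + body


class Authenticator:
    """Authenticator side of the Figure 7-6 exchange (hypothetical minimal model):
    exactly one outstanding Request, and a Response is accepted only if its
    Identifier and Type match that Request."""

    def __init__(self) -> None:
        self.outstanding: Optional[tuple] = None   # (identifier, type) awaiting a Response
        self.next_id = 0

    def send_request(self, eap_type: int, type_data: bytes = b"") -> bytes:
        ident = self.next_id
        self.next_id = (self.next_id + 1) & 0xFF   # Identifier is a single byte
        self.outstanding = (ident, eap_type)
        return build_eap(EAP_REQUEST, ident, eap_type, type_data)

    def receive(self, buf: bytes) -> str:
        pkt = parse_eap(buf)
        if pkt.code != EAP_RESPONSE or self.outstanding is None:
            return "discard: not a Response to an outstanding Request"
        ident, req_type = self.outstanding
        if pkt.identifier != ident:
            return f"discard: Identifier {pkt.identifier}, expected {ident}"
        self.outstanding = None
        if pkt.eap_type == TYPE_NAK:
            # A Nak lists the Types the peer would accept instead
            return f"peer rejected type {req_type}, proposes {list(pkt.type_data)}"
        if pkt.eap_type != req_type:
            return f"discard: Response type {pkt.eap_type} does not match Request type {req_type}"
        return f"accepted Response type {pkt.eap_type} ({len(pkt.type_data)} bytes)"


if __name__ == "__main__":
    auth = Authenticator()
    auth.send_request(TYPE_IDENTITY)                    # Step 1: Request/Identity
    print(auth.receive(build_eap(EAP_RESPONSE, 0, TYPE_IDENTITY, b"alice")))
    auth.send_request(TYPE_MD5_CHALLENGE)
    print(auth.receive(build_eap(EAP_RESPONSE, 1, TYPE_NAK, bytes([TYPE_TLS]))))
```

The Identifier check is what makes the request/response pairing meaningful: a late or replayed Response whose Identifier no longer matches the outstanding Request is dropped rather than acted on, and the Length check stops a short frame from being read past its end. Note that the Identity response above travels in cleartext, exactly as the text warns.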

EAP Authentication Mechanisms

This section examines in detail some of the most relevant EAP authentication frameworks. The typical mechanisms using EAP over LANs are EAP-MD5, EAP-One-Time Password (EAP-OTP), EAP-TLS, EAP-TTLS, EAP-Generic Token Card (EAP-GTC), Microsoft CHAP (EAP-MSCHAPv2), and EAP-FAST.

EAP-MD5

The EAP-MD5 is a Challenge Handshake Authentication Protocol (CHAP), as defined in RFC 1994. Figure 7-7 shows the choreography of the EAP-MD5 mechanism.

Figure 7-7 EAP-MD5 Choreography

For EAP-MD5 to work, the client and the authentication server must have a shared secret, usually a password associated with an identity/username. This needs to be established out of band (Step 1 in Figure 7-7). The connectivity (Step 2 in Figure 7-7) and identity exchange (Step 3 in Figure 7-7) are required before the EAP-MD5 process. The EAP-MD5 method consists of a random challenge to the supplicant (Step 4-a in Figure 7-7) and a response from the supplicant (Step 4-c, Step 4-d in Figure 7-7), which contains the hash of the challenge created using the shared secret (Step 4-b in Figure 7-7). The authentication server verifies the hash (Step 4-e in Figure 7-7) and accepts or rejects the authentication. The authenticator allows or disallows access (Step 5 in Figure 7-7) based on this decision. If successful, the supplicant gains access (Step 6 in Figure 7-7).

EAP-MD5 is a pure authentication protocol; after the authentication, the messages are transmitted in cleartext. It is also a client authentication protocol—the server side (authenticator) is not authenticated; therefore, it cannot detect a rogue AP.

EAP-MD5 also contains a set of good features: It requires only lightweight processing (which translates to less hardware) and does not require a key/certificate infrastructure. Although pure EAP-MD5 has some value in the PPP world, it is of limited use in the wireless world. For example, Microsoft has dropped the support for EAP-MD5 for the wireless interface in Windows XP. Support was dropped because of security problems; EAP-MD5 is vulnerable to dictionary and brute-force attacks when used with Ethernet and wireless.
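As an added example (not from the chapter), here is the challenge/response computation of Steps 4-a to 4-e in Python. The response value is MD5 over the EAP Identifier, the shared secret and the challenge, as RFC 1994 defines for CHAP, and the Type-Data layout (Value-Size, Value, Name) follows RFC 3748; the Md5AuthServer class, the supplicant_answer helper, the user table and the sample secret are constructed for this example.

```python
import hashlib
import hmac
import os


def md5_challenge_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP response value (RFC 1994): MD5(Identifier || secret || challenge).
    Both the supplicant (Step 4-b) and the server (Step 4-e) compute this."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def build_md5_type_data(value: bytes, name: bytes = b"") -> bytes:
    """EAP-MD5 Type-Data: Value-Size (1 byte), Value, Name (RFC 3748)."""
    if len(value) > 255:
        raise ValueError("Value-Size is a single byte")
    return bytes([len(value)]) + value + name


def parse_md5_type_data(data: bytes):
    """Split Type-Data into (value, name); reject a Value-Size that overruns the packet."""
    if not data:
        raise ValueError("empty EAP-MD5 type data")
    size = data[0]
    if len(data) < 1 + size:
        raise ValueError("Value-Size exceeds received data")
    return data[1:1 + size], data[1 + size:]


class Md5AuthServer:
    """Authentication-server side of Figure 7-7 (constructed for this example)."""

    def __init__(self, user_db: dict):
        self.user_db = user_db   # username -> shared secret, provisioned out of band (Step 1)
        self.pending = {}        # EAP Identifier -> challenge issued and not yet consumed

    def new_challenge(self, identifier: int) -> bytes:
        """Step 4-a: a fresh, unpredictable challenge per attempt, so a recorded
        response cannot be replayed against a later challenge."""
        challenge = os.urandom(16)
        self.pending[identifier] = challenge
        return build_md5_type_data(challenge)

    def verify(self, identifier: int, username: str, response_type_data: bytes) -> bool:
        """Step 4-e: recompute the hash and compare in constant time."""
        challenge = self.pending.pop(identifier, None)   # each challenge is usable exactly once
        if challenge is None:
            return False
        secret = self.user_db.get(username)
        if secret is None:
            return False
        value, _name = parse_md5_type_data(response_type_data)
        expected = md5_challenge_response(identifier, secret, challenge)
        return hmac.compare_digest(value, expected)


def supplicant_answer(identifier: int, secret: bytes, request_type_data: bytes,
                      name: bytes) -> bytes:
    """Steps 4-b/4-c: the supplicant hashes the received challenge with its secret."""
    challenge, _ = parse_md5_type_data(request_type_data)
    return build_md5_type_data(md5_challenge_response(identifier, secret, challenge), name)


if __name__ == "__main__":
    server = Md5AuthServer({"alice": b"correct horse battery"})   # constructed sample secret
    request = server.new_challenge(7)
    response = supplicant_answer(7, b"correct horse battery", request, b"alice")
    print("accepted:", server.verify(7, "alice", response))
    print("replayed:", server.verify(7, "alice", response))      # same response again: False
```

Nothing in this exchange proves anything about the server to the supplicant, which is the rogue-AP weakness the text describes, and because the response is a plain hash of a password-derived secret, the strength of the mechanism is bounded by the password itself; the fresh per-attempt challenge and one-shot verification only rule out replay.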

EAP-OTP

EAP-OTP is similar to EAP-MD5, except it uses the OTP as the response. The request contains a displayable message. The OTP method is defined in RFC 2289. The OTP mechanism is employed extensively in VPN and PPP scenarios but not in the wireless world.

EAP-GTC

The EAP-GTC (Generic Token Card) is similar to the EAP-OTP except with hardware token cards. The request contains a displayable message, and the response contains the string read from the hardware token card.

EAP-TLS

As you have seen, methods such as EAP-MD5 and EAP-GTC are specific to authentication and are confined to authenticating only the client. EAP-TLS adds more capabilities such as mutual authentication, which provides an encrypted transport layer and the capability to dynamically change the keys. On the other hand, EAP-TLS is based on digital certificates and thus requires an infrastructure to manage—issue, revoke, and verify—certificates and keys.

EAP-TLS is based on the TLS protocol that is defined in RFC 2246. The following section talks a little bit about TLS, and then you will look at which of its features carry over into EAP-TLS.

A Brief Introduction to TLS

TLS has the concept of sessions and connections. A connection is a channel, whereas a session is governed by a security context—session identifier, peer certificate, compression method, cipher spec for the session key, MAC algorithm parameters, and the shared master secret. TLS can and will securely negotiate different session parameters while maintaining the same connection—usually a TCP connection. The handshake phase establishes a session, and the (symmetric) session keys encrypt the transport during the data transfer phase. In addition to providing confidentiality, TLS provides an integrity check. TLS, of course, is a point-to-point method.

TLS defines two layers: a record layer (which exchanges messages dealing with things such as fragmentation, MAC, and encryption) and a message layer (which defines different types of messages). The four message types are as follows:

  • Change cipher spec—Used to signify change in the session context to be used by the record layer. This is an independent content type that is used to avoid getting trapped in specific protocol messages, at which point the pipe could stall.

  • Alert—Could be warning or fatal. The alert message subtypes (approximately 26 sub-types) include close notify, decryption failed, certificate revoked, access denied, and so on.

  • Handshake protocol—You will see these messages in Figure 7-8. The subtypes include the following:

    • Hello messages (hello_request, client_hello, and server_hello)

    • Server authentication and key exchange messages (certificate, server_key_exchange, certificate_request, and server_hello_done)

    • Client authentication and key exchange messages (certificate_verify and client_key_exchange)

    • Handshake finalization message (finished)

  • Application data—The records themselves are transmitted over a reliable protocol such as TCP. TLS also defines a handshake protocol for authentication, exchanging cryptographic parameters and establishing session context.

Figure 7-8 shows the TLS choreography, through the lifetime of a connection, in some detail.

Figure 7-8 TLS Choreography

The handshake protocol (Steps 3, 4, 5, and 6 in Figure 7-8) accomplishes server authentication, algorithm negotiation, establishing session context, and (optional) client authentication. Of course, to successfully complete the handshake and arrive at the keys and secrets, the client and server should have digital certificates (Step 1 in Figure 7-8) and connectivity (Step 2 in Figure 7-8).

After the handshake is successfully completed, the client and server can exchange application data (Step 7 in Figure 7-8) using the established secure transport. Occasionally, renegotiation of session context might happen, usually for new session keys. Finally, the client or server with the close message closes the connection (Step 8 in Figure 7-8).

EAP-TLS Choreography

EAP-TLS employs selected parts of TLS. For example, it uses the TLS handshake for mutual authentication, cipher suite negotiation, and to derive session keys; however, it does not use all parts of the TLS record protocol.

Figure 7-9 EAP-TLS Frame Format

Figure 7-9 shows the frame format for EAP-TLS. The EAP type is 13 (see Table 7-2). The EAP data frame consists of TLS-specific fields. A similar approach is taken for the choreography, as shown in Figure 7-10. As expected, Figure 7-10 is a combination of Figures 7-6 and 7-8.

After the EAP identity request and response, a TLS-START request is sent (this is where Bit 2 of the TLS flag is used) to the supplicant (Step 3-a in Figure 7-10). This initiates the TLS handshake protocol (remember, TLS starts with a client-hello), which, in the end, results in authentication and establishing session keys for securing (confidentiality and integrity) the transport layer. As you saw in the TLS section, the session context contains all the relevant information. After the handshake is done, EAP-TLS does not use any of the TLS record protocols; that is, the application data is not exchanged using the TLS record protocol.

Figure 7-10 EAP-TLS Choreography
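An added example, not taken from the chapter or from any EAP-TLS implementation: the TLS-specific fields that follow the Type byte 13 in Figure 7-9 begin with a Flags byte (L = length included, M = more fragments, S = EAP-TLS start, as laid out in RFC 2716; the S bit is the "Bit 2" that Step 3-a uses for TLS-START), optionally a four-byte TLS Message Length, then TLS record data. The Python below builds fragments of a handshake message and reassembles them on the receiving side while enforcing the length bounds a receiver should check; the 64 KB limit, the class and function names and the sample message are my own choices.

```python
import struct
from typing import List, Optional

# EAP-TLS Flags byte (RFC 2716): L = length included, M = more fragments, S = EAP-TLS start
FLAG_L, FLAG_M, FLAG_S = 0x80, 0x40, 0x20


def tls_start_request_data() -> bytes:
    """Type-Data of the TLS-START Request (Step 3-a): only the S flag, no TLS data."""
    return bytes([FLAG_S])


def fragment_tls_message(msg: bytes, mtu: int) -> List[bytes]:
    """Split one TLS message into EAP-TLS Type-Data fragments of at most mtu payload bytes.
    The first fragment carries L plus the total length; every fragment but the last carries M."""
    chunks = [msg[i:i + mtu] for i in range(0, len(msg), mtu)] or [b""]
    frags = []
    for i, chunk in enumerate(chunks):
        flags = (FLAG_L if i == 0 else 0) | (FLAG_M if i < len(chunks) - 1 else 0)
        length = struct.pack("!I", len(msg)) if i == 0 else b""
        frags.append(bytes([flags]) + length + chunk)
    return frags


def parse_eap_tls_data(data: bytes):
    """Return (flags, declared TLS Message Length or None, payload)."""
    if not data:
        raise ValueError("empty EAP-TLS type data")
    flags, rest = data[0], data[1:]
    declared = None
    if flags & FLAG_L:
        if len(rest) < 4:
            raise ValueError("L flag set but TLS Message Length missing")
        declared, rest = struct.unpack("!I", rest[:4])[0], rest[4:]
    return flags, declared, rest


class TlsReassembler:
    """Receiver side: rebuild a TLS message from fragments without trusting the
    peer's declared length beyond a fixed bound (the bound is an assumption here)."""

    def __init__(self, limit: int = 64 * 1024):
        self.limit = limit
        self.buf = bytearray()
        self.expected: Optional[int] = None
        self.started = False

    def feed(self, type_data: bytes) -> Optional[bytes]:
        """Return the complete TLS message once the last fragment arrives, else None."""
        flags, declared, payload = parse_eap_tls_data(type_data)
        if flags & FLAG_S:
            return None                      # TLS-START carries nothing to reassemble
        if not self.started:                 # first fragment of a new message
            if flags & FLAG_M and declared is None:
                raise ValueError("fragmented message must declare its total length")
            if declared is not None and declared > self.limit:
                raise ValueError(f"declared length {declared} exceeds limit {self.limit}")
            self.expected = declared
            self.started = True
        self.buf += payload
        bound = self.expected if self.expected is not None else self.limit
        if len(self.buf) > bound:
            raise ValueError("fragments exceed declared length")
        if flags & FLAG_M:
            return None
        msg = bytes(self.buf)
        if self.expected is not None and len(msg) != self.expected:
            raise ValueError(f"reassembled {len(msg)} bytes, declared {self.expected}")
        self.buf, self.expected, self.started = bytearray(), None, False
        return msg
```

The two checks that matter for robustness are both on the receiving side: a declared TLS Message Length is compared against a local bound before any buffer is grown, and the running total is compared against the declared length on every fragment, so neither an oversized declaration nor a stream of extra fragments can make the peer allocate without limit. A certificate chain is the usual reason a single handshake message exceeds one EAP packet, which is why EAP-TLS needs this fragmentation layer at all.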

EAP-TTLS

EAP-TTLS is similar to EAP-TLS, but the client authentication is extended after the secure transport has been established. Then the client can be authenticated using any of the methods like username/password, CHAP, and MSCHAPv2. This is called tunneled authentication. What this achieves is that the client does not require a digital certificate; only the authentication server needs one. This capability simplifies the client credential management. Organizations can also use currently available/legacy authentication methods (usually password-based schemes).
