PEAP: Protected Extensible Authentication Protocol

What is PEAP?
• PEAP is an authentication protocol designed for wireless LANs.
• PEAP makes use of two well-known and well-studied protocols:
• EAP - Extensible Authentication Protocol
• TLS - Transport Layer Security

EAP – Extensible Authentication Protocol
• EAP is an authentication protocol that typically rides on top of another protocol such as 802.1x, RADIUS, PPP, etc.
• EAP allows the authenticator to serve as the user authentication carrier between the client and the authentication server.
• EAP's limitations are well known and are addressed by PEAP.

TLS – Transport Layer Security
• TLS provides encryption, compression and data integrity.
• TLS is based on the SSL 3.0 Protocol Specification and is often described as an improved version of SSL.
• TLS is well documented and has been extensively analyzed, with no significant weaknesses found.

Why do we need PEAP?
• A wireless access point (WAP) broadcasts all of its traffic, so anyone within broadcast range can passively collect the data. (Ethereal, AirSnort)
• Wireless encryption is weak and can be decrypted in a short period of time. (AirSnort, WEPcrack)
• Physical access to the network is not necessary to connect to it. Knowledge of the SSID and possibly a valid MAC address is all that is required. (NetStumbler)
• Users have no way of knowing whether they are connecting to a rogue access point set up as part of a man-in-the-middle attack.

How does PEAP fix these problems?
• The transmission of user-sensitive authentication data is encrypted within a TLS tunnel.
• Data within the TLS tunnel cannot be decrypted without the TLS master secret.
• If a client does not successfully authenticate, its connection is dropped by the access point.
• The TLS master secret is not shared with the access point, so rogue access points are unable to decrypt messages protected by PEAP.
• Server-side PKI-based digital certificates are used to authenticate EAP servers.
How does PEAP work? Part 1 – Establish TLS tunnel
(Parties: Client, WAP, EAP Server, Authentication Server; the WAP relays the messages between client and EAP server.)
• Client → WAP: Request connection
• WAP → EAP Server: Request connection
• EAP Server → Client: Do you support PEAP?
• Client → EAP Server: Yes
• EAP Server → Client: Server PKI certificate & server's TLS preferences
• Client → EAP Server: Certificate verified & client's TLS preferences, or OK
• EAP Server → Client: TLS settings accepted & TLS finished
• TLS tunnel established

How does PEAP work? Part 2 – EAP authentication within the TLS tunnel
• Client → EAP Server: Response to TLS tunnel established
• EAP Server → Client: Request client's identity
• Client → EAP Server: Client's identity (tells the server which domain to contact)
• EAP Server → Client: Server's requested EAP authentication type
• Client → EAP Server: Client's requested EAP authentication type, or OK
• EAP Server → Client: EAP method accepted, request authentication
• Client → EAP Server: Client's UserID and password
• EAP Server → Authentication Server: UserID & password
• Authentication Server → EAP Server: EAP authentication success
• EAP Server → Client: Success
• TLS tunnel torn down
PEAP fast reconnect
• Allows wireless clients to move between access points on the same network without repeated requests for authentication.
• Requires that access points be configured to forward authentication requests to the same EAP server. If the original EAP server is not available, full authentication must occur.
• TLS session IDs are cached by the client and the server. Because the server only caches TLS session IDs that successfully authenticated in Part 2, if the client can re-establish the TLS session it is not necessary to re-authenticate the client against the authentication server.
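The following toy model of the two PEAP parts and of fast reconnect is an added example, not code from the slides or from any PEAP implementation. It assumes a small Diffie-Hellman exchange in place of the TLS handshake, an XOR keystream in place of TLS record protection, and a pinned server public value in place of PKI certificate validation; the point it shows is that the relaying WAP never sees the credentials, and that only session IDs that passed Part 2 are resumable.

```python
import hashlib, secrets

P, G = 2**127 - 1, 3  # toy Diffie-Hellman group standing in for the TLS key exchange
def tunnel_xor(master_secret: bytes, data: bytes) -> bytes:
    """Toy stand-in for TLS record protection: keystream derived from the master secret, XORed in."""
    stream = hashlib.sha256(master_secret + b"record").digest() * (len(data) // 32 + 1)
    return bytes(a ^ b for a, b in zip(data, stream))

class EAPServer:
    def __init__(self, users):
        self.users = users                          # constructed UserID -> password table
        self.priv = secrets.randbelow(P - 2) + 2    # stands in for the certificate's private key
        self.pub = pow(G, self.priv, P)             # public value carried by the "certificate"
        self.pending, self.resumable = {}, {}       # session_id -> master secret

    def phase1(self, client_pub, session_id=None):
        """Part 1: set up, or resume, the TLS tunnel. Returns (session_id, resumed)."""
        if session_id in self.resumable:            # fast reconnect: ID cached, Part 2 is skipped
            return session_id, True
        session_id = secrets.token_bytes(8)         # unknown or failed IDs fall through to full auth
        shared = pow(client_pub, self.priv, P)      # only the holder of priv can compute this
        self.pending[session_id] = hashlib.sha256(session_id + shared.to_bytes(16, "big")).digest()
        return session_id, False

    def phase2(self, session_id, ciphertext):
        """Part 2: UserID and password arrive inside the tunnel; cache the session ID only on success."""
        secret = self.pending.pop(session_id)
        user, _, password = tunnel_xor(secret, ciphertext).decode().partition(":")
        if self.users.get(user) == password:
            self.resumable[session_id] = secret
            return True
        return False

class AccessPoint:
    """The WAP only relays EAP; it records every byte string it forwards so its view can be inspected."""
    def __init__(self, server):
        self.server, self.seen = server, []

    def relay(self, method, *args):
        self.seen.extend(a for a in args if isinstance(a, bytes))
        return getattr(self.server, method)(*args)

def connect(ap, trusted_server_pub, user, password, session_id=None):
    """Client side; trusted_server_pub stands for the PKI-validated certificate. Returns (ok, session_id, resumed)."""
    priv = secrets.randbelow(P - 2) + 2
    session_id, resumed = ap.relay("phase1", pow(G, priv, P), session_id)
    if resumed:
        return True, session_id, True
    shared = pow(trusted_server_pub, priv, P)       # client computes the same secret from the public value
    secret = hashlib.sha256(session_id + shared.to_bytes(16, "big")).digest()
    creds = tunnel_xor(secret, f"{user}:{password}".encode())
    return ap.relay("phase2", session_id, creds), session_id, False
```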
Security concerns
• Authentication data transmitted between the NAS and the authentication server is not encrypted by the TLS tunnel. This channel must be protected from man-in-the-middle attacks.
• Data transmitted after PEAP authentication is not encrypted by PEAP. The TLS tunnel is used only for authentication.
• A PEAP deployment must be set up correctly. Poor configuration can expose several severe vulnerabilities.