We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byCesar Whitt
Modified over 4 years ago
EAP Channel Bindings TF-MNM Lyon, February 16, 2011 Alan DeKok FreeRADIUS
TF-MNM Lyon 2 AAA The problem AAA
TF-MNM Lyon 3 Its all lies NAS can lie to end user $0.02 per minute (really $0.10) Visited provider can lie to home server They used 10 hours (really 10 min)
TF-MNM Lyon 4 Solution Tell everyone what everyone else said In a secure fashion
TF-MNM Lyon 5 AAA The Solution AAA The NAS told me X I told the user X
TF-MNM Lyon 6 How it works Define a TLV in EAP to transport data Likely RADIUS RADIUS inside of EAP inside of TTLS inside of EAP inside of RADIUS Its a bit of a miracle that it works at all
TF-MNM Lyon 7 Security Exchange information after user has been authenticated Using keys derived from the EAP session Ensures authenticity and integrity of the data
TF-MNM Lyon 8 Benefits Increases the usefulness of roaming I dont know who the NAS is, but hes asking to charge the user $0.02/min, and the user has agreed.
TF-MNM Lyon 9 Questions?
Inter WISP WLAN roaming
A Good Start To School Attendance.
Session ID Georg Carle, John Vollbrecht, Sebastian Zander, Tanja Zseby San Diego, December 2000.
Doc.: IEEE /1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,
EAP Scenarios and 802.1af Joseph Salowey 1/12/2006.
RADEXT WG IETF-71 Agenda Friday, March 14, :00 – 11:30 AM.
Technical Presentation AIAC Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.
Doc.: IEEE /039 Submission January 2001 Haverinen/Edney, NokiaSlide 1 Use of GSM SIM Authentication in IEEE System Submitted to IEEE
Terena Mobility Taskforce update Klaas Wierenga SURFnet.
Washinton D.C., November 2004 IETF 61 st – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena.
Licia Florio EUNIS05, Manchester 1 Eduroam EUNIS Conference, June Licia Florio.
External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.
Wireless LAN Setup & Optimizing Wireless Client in Linux Hacking and Cracking Wireless LAN Setup Host Based AP ( hostap ) in Linux & freeBSD Securing.
PEAP & EAP-TTLS 1.EAP-TLS Drawbacks 2.PEAP 3.EAP-TTLS 4.EAP-TTLS – Full Example 5.Security Issues 6.PEAP vs. EAP-TTLS 7.Other EAP methods 8.Summary.
EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.
Radius based ssh authentication Location of Radius server – radius-server host auth-port 1812 acct-port 1813 key WinRadius – The same config.
TF Mobility Group 22nd September A comparison of each national solution was made against Del C – “requirements”, the following solutions were assessed.
© Copyright _ Bro’s Place 2003 Billy the Kid was born in New York City, 1859?
A Secure Access System for Mobile IPv6 Network ZHANG Hong Aug 28, 2003
1 Role of Authorization in Wireless Network Security Pasi Eronen Jari Arkko November 3, 2004 This document has been produced partially in the context of.
© 2018 SlidePlayer.com Inc. All rights reserved.