Extensible Authentication Protocol Overview and Its Applications

Heung Youl YOUM  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E92-D   No.5   pp.766-776
Publication Date: 2009/05/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E92.D.766
Print ISSN: 0916-8532
Type of Manuscript: INVITED PAPER (Special Section on Information and Communication System Security)
Keyword: EAP, IKEv2, EAP-MD5, EAP-TLS, PEAP, TLS

Summary: 
The Extensible Authentication Protocol (EAP) is an authentication framework that supports multiple authentication mechanisms [38] between a peer and an authentication server in a data communication network. EAP is a useful tool for enabling user authentication and the distribution of session keys. Numerous EAP methods have been developed by global SDOs such as the IETF, IEEE, ITU-T, and 3GPP. In this paper, we analyze the most widely deployed EAP methods, ranging from EAP-TLS [27] to EAP-PSK [25]. In addition, we derive the security requirements for EAP methods, evaluate the typical EAP methods in terms of those requirements, and discuss the features of the existing widely deployed EAP methods. We also identify two typical use cases for the EAP methods. Finally, recent global standardization activities in this area are reviewed.