Last updated: 
2 weeks 10 hours ago
Group Manager
A place to share information on all aspects of eduroam in the UK. Follow us on Twitter @eduroamuk - for news, interest, information, photos and fun. Contents Click on item and scroll down to the selected content at the bottom of the page. eduroam Visitor Access Administrator Manual - Configuration and Management eduroam Visitor Access Portal User Manual - Creating Guest Accounts eduroam Visitor Access User Manual - Creating Guest Accounts for Groups and SMS Events eduroam Visitor Access Guide - UKAMF IdP Configuration Requirements Advisory: Injection of Operator-Name at the NRPSs Walled Garden for Onboarding User Devices to eduroam Using eduroam Support site; Connecting to the NRPS; User on-boarding – CAT Guidance document - eduroam and Safeguarding Guidance document - Cost of Implementing eduroam eduroam(UK) Technical Specification Summary of Recommendations Checklist eduroam(UK) Technical Specification Summary of Requirements Checklist eduroam(UK) Technical Specification NHS and eduroam/shared use of wireless/govroam ORPS in Azure - alternatives to the use of ICMP Sending Operator Name with Cisco ISE 2.0 eduroam in Public Buildings and Spaces in City Centres TLS 1.2 and updated RADIUS requirements FreeRADIUS Packet Handling - examining the flow FreeRADIUS Best Current Practice Configuration for eduroam  Performance tweaks for RADIUS and backend authentication systems eduroam(UK) Microsoft NPS Configuration Guide eduroam(UK) Service Provider Assurance Tool User Guide eduroam(UK) Service Provider Assurance Tool Phase2 Field Trial Feedback Improving the Reliability of NPS as an Authenticator in eduroam Advisory: Using Status Server Advisory: Use of MD5 Certificates Deprecated in Favour of SHA-1 for RADIUS servers Advisory: Windows Mobile 8 and Certificate Verification NWS41 eduroam Forum presentations - TKIP, CUI, NAPTR, QoS Probe NWS40 FreeRADIUS Demystified seminar presentation Geant Funding available Janet Lumen House eduroam Service Information UK eduroam Usage Feb 2013 EAP-pwd Moving Towards a Deployable Standard Site Finder and Service Information Directory eduroam(UK) Technical Specification 1.3 (archived) - superseded by 1.4 eduroam User Troubleshooting Flowchart for IT Support Staff eduroam Administrators Troubleshooting Flowchart NAPTR Record Creation Using Microsoft Windows 2008 R2 DNS Server eduroam Best Practice Pointers FreeRADIUS 2 eduroam Deployment at University of Sussex

Group administrators:

EAP-pwd Moving Towards a Deployable Standard

17 April 2014 at 4:38pm

Contents:

What is EAP-pwd?

The Geant project to address shortomings in current RFC

What is EAP-pwd?

EAP-pwd is an EAP method that addresses the problem of password-based authenticated key exchange-- using a possibly weak password for authentication to derive an authenticated and cryptographically strong shared secret.

EAP-pwd is an extremely efficient EAP method which has the pot

The security of EAP-pwd relies upon each side, the peer and server, producing quality secret random numbers.  A poor random number chosen by either side in a single exchange can compromise the shared secret from that exchange and open up the possibility of dictionary attack.

Producing quality random numbers without specialized hardware entails using a cryptographic mixing function (like a strong hash function) to distill entropy from multiple, uncorrelated sources of information and events.

EAP-pwd defines three message exchanges, an Identity exchange, a Commit exchange and a Confirm exchange.  A successful authentication is shown below.

The peer and server use the Identity exchange to discover each other's identities and to agree upon a ciphersuite to use in the subsequent exchanges; in addition, the EAP Server uses the EAP-pwd-ID/Request message to inform the client of any password preprocessing that may be required.  In the Commit exchange the peer and server exchange information to generate a shared key and also to bind each other to a particular guess of the password.  In the Confirm exchange the peer and server prove liveness and knowledge of the password by generating and verifying verification data.

           +--------+                                                   +--------+
           |           |                EAP-pwd-ID/Request     |           |
           |  EAP    |<------------------------------------     |  EAP    |
           |  peer   |                                                    | server |
           |           | EAP-pwd-ID/Response                    |           |
           |           |------------------------------------>     |           |
           |           |                                                    |           |
           |           |            EAP-pwd-Commit/Request |           |
           |           |<------------------------------------     |           |
           |           |                                                    |           |
           |           | EAP-pwd-Commit/Response            |           |
           |           |------------------------------------>     |           |
           |           |                                                    |           |
           |           |           EAP-pwd-Confirm/Request  |            |
           |           |<------------------------------------     |           |
           |           |                                                    |           |
           |           | EAP-pwd-Confirm/Response            |           |
           |           |------------------------------------>     |           |
           |           |                                                    |           |
           |           |        EAP-Success                         |           |
           |           |<------------------------------------     |           |
           +--------+                                                    +--------+

                  Figure: A Successful EAP-pwd Exchange

 The components of the EAP-pwd-* messages are as follows:

 EAP-pwd-ID/Request
       Ciphersuite, Token, Password Processing Method, Server_ID

 EAP-pwd-ID/Response
       Ciphersuite, Token, Password Processing Method, Peer_ID

 EAP-pwd-Commit/Request
       Scalar_S, Element_S

 EAP-pwd-Commit/Response
       Scalar_P, Element_P

 EAP-pwd-Confirm/Request
       Confirm_S

 EAP-pwd-Confirm/Response
       Confirm_P

For the full RFC see:

http://tools.ietf.org/html/draft-harkins-emu-eap-pwd-14

Geant Project to Address Shortcomings

JRA3-T1's evaluation of EAP-pwd for user authentication concluded that it contained many positive properties, but also a few drawbacks.

One of those drawbacks was that the storage of the password on the IdP side (Home organisation) had to be either one of cleartext or NT-Hash (both of which being somewhat lame), and that support for more hashes and/or salting would need a new RFC. Stefan Winter of RESTENA reports that we're on our way to issue that new RFC. See http://tools.ietf.org/html/rfc5931

You'll notice that the following storage backends would be supported when this draft becomes an RFC:

  • a random salt with SHA-1
  • a random salt with SHA-256
  • a random salt with SHA-512

(length of the salt is not infinite, but some three-digit number)