Re: Re: [802.1] Re: 802.1X interface variable
From: Yoshihiro Ohba (yohbatari.toshiba.com)
Date: Mon, 12 Jan 2004 21:16:48 -0500 (EST)
On Mon, Jan 12, 2004 at 08:40:37PM -0500, John Vollbrecht wrote:
> >>The question is that suppose one uses TLS host only authentication (not
> >>mutual).  Is it possible for (master) keys to be derived at
> >>authenticator  and peer?  I think this is possible and desirable for
> >>allowing access to a  walled garden environment.  Am I wrong?
> >>
> >
> >That case is another form of Case C).  I think host only
> >authentication is as vulnerable to rogue NAS attack as server only
> >authentication.  How can the host know whether it is connected to the
> >walled garden instead of the attacker's network without authenticating
> >the server?
> 
> I think a standard case would be to have the user authenticate the server 
> using TLS, then authenticate some other way over the protected connection 
> into the walled garden.   For example one might set up a VPN from the 
> client to an edge device leaving the walled garden. In this case I don't 
> think it is necessary to do mutual authentication initially.

As long as two one-way authentications in different directions are
cryptographically bound, it is ok.  But it actually forms a mutual
authentication if we view the combined authentications as a unified
mechanism (e.g., the EAP usage in IKEv2).

Yoshihiro Ohba
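The binding point in the reply above, as an added illustration that is not part of the original thread or of any standard: a toy model in which an outer server-authenticated tunnel and an inner client-authentication exchange each yield a key, and a compound MAC over both keys ties them together. The key derivations, the identities `real-server` and `rogue-nas`, the shared password and the `run_session` driver are all constructed stand-ins for what TLS and an EAP method actually do. The scenario modelled is the rogue-NAS case from the thread: a client that accepts the attacker's tunnel, with the attacker relaying the inner exchange verbatim to the real server over a second tunnel.

```python
"""Toy model of cryptographic binding between an outer tunnel and an inner
authentication.  Constructed example; the derivations below are simplified
stand-ins, not the TLS or EAP key schedule."""
import hashlib
import hmac
import secrets

PASSWORD = b"correct horse battery staple"   # constructed client credential


def tunnel_key(server_id: bytes, client_nonce: bytes, server_nonce: bytes) -> bytes:
    """Stand-in for the key material both ends of the outer tunnel derive.
    Each endpoint derives it from the peer it actually talked to."""
    return hashlib.sha256(b"tunnel|" + server_id + client_nonce + server_nonce).digest()


def inner_response(challenge: bytes) -> bytes:
    """Inner one-way authentication: the client proves knowledge of PASSWORD."""
    return hmac.new(PASSWORD, b"resp|" + challenge, hashlib.sha256).digest()


def inner_key(challenge: bytes) -> bytes:
    """Key material exported by the inner method (both ends can compute it)."""
    return hmac.new(PASSWORD, b"key|" + challenge, hashlib.sha256).digest()


def compound_mac(tkey: bytes, ikey: bytes, transcript: bytes) -> bytes:
    """Binds the two one-way authentications: only an endpoint holding BOTH
    the outer tunnel key and the inner key can produce a matching value."""
    binding_key = hashlib.sha256(b"bind|" + tkey + ikey).digest()
    return hmac.new(binding_key, transcript, hashlib.sha256).digest()


def run_session(bind: bool, mitm: bool) -> bool:
    """Return True if the real server grants access to the session."""
    client_nonce = secrets.token_bytes(16)
    server_nonce = secrets.token_bytes(16)
    if mitm:
        # Rogue NAS: terminates the client's tunnel under its own identity
        # (the client does not, or cannot, verify who it is talking to) and
        # opens a separate tunnel to the real server.  Each end therefore
        # derives a tunnel key with the attacker, not with each other.
        client_tkey = tunnel_key(b"rogue-nas", client_nonce, secrets.token_bytes(16))
        server_tkey = tunnel_key(b"real-server", secrets.token_bytes(16), server_nonce)
    else:
        client_tkey = server_tkey = tunnel_key(b"real-server", client_nonce, server_nonce)

    # Inner exchange.  In the mitm case the attacker relays these bytes
    # unchanged, so the inner proof itself still verifies at the real server.
    challenge = secrets.token_bytes(16)
    response = inner_response(challenge)
    if not hmac.compare_digest(response, inner_response(challenge)):
        return False
    if not bind:
        return True          # inner result alone decides: relay goes through

    # Crypto binding: the client's compound MAC is computed over the tunnel
    # it actually established; the server checks it against its own tunnel.
    transcript = challenge + response
    client_mac = compound_mac(client_tkey, inner_key(challenge), transcript)
    server_mac = compound_mac(server_tkey, inner_key(challenge), transcript)
    return hmac.compare_digest(client_mac, server_mac)


if __name__ == "__main__":
    for bind in (False, True):
        for mitm in (False, True):
            print(f"bind={bind!s:5} mitm={mitm!s:5} -> access={run_session(bind, mitm)}")
```

Without the binding step the real server accepts the relayed inner proof and the attacker's tunnel ends up carrying an authenticated session; with it, the mismatch between the two tunnel keys makes the compound MAC fail, which is the sense in which the two one-way exchanges combine into a mutual authentication.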
