RE: Re: Confidentiality of TLS keying information for wireless
From: Frank Akujobi (fakujobisce.carleton.ca)
Date: Tue, 10 Aug 2004 00:40:29 -0400 (EDT)
Aboba,
Thanks for your response. I understand how TLS provides mutual
authentication and key exchange. I also understand that data frames sent
after the key negotiations are encrypted and from that standpoint a
man-in-the-middle attack can be prevented.
However my question was directed towards the confidentiality of the
signaling process (more like the management frames NOT data frames)
between the client and server before session key and WEP keys are
generated. Is the signaling traffic itself encrypted? Pls find my
comments within:
----------------------------------------------------------------------------
"Hi,
I have a couple of questions concerning wireless clients using EAP-TLS
authentication against a radius server:

1. Are all the TLS session negotiations between supplicant (on the
client) and authenticator (AP) sent in the clear? In other words is
there any form of confidentiality for TLS keying information?

2. If there is none, what prevents a potential attacker from listening
in on TLS sessions and eventually gathering enough information (like the
session key and eventually WEP keys) to launch a man-in-the-middle
attack?

Thanks
Frank

----------------------------------------------------------------------------
As noted in Section 3 of [Rescorla], when server certificate
authentication is supported, the server sends its certificate to the
client in the Certificate message.  The client then responds with the
ClientKeyExchange message, in which it encrypts a randomly chosen
PreMasterSecret and encrypts it using the server's public key.  The
server subsequently demonstrates receipt of the PreMasterSecret (and
possession of the private key corresponding to the public key enclosed
within its certificate) by using it in the calculation of the Finished
message.
----------------------------------------------------------------------------
From your comments about section 3, I would be concerned as to whether
the "Certificate message" sent from the server was encrypted and if so
with what key?
----------------------------------------------------------------------------
As noted in Section 4 of [Rescorla] when the client authentication is
supported and certificates are used, client authentication is initiated
by the server sending a CertificateRequest message to the client.  The
client responds by sending a Certificate message to the server as well
as a CertificateVerify message, which is signed with the private key
associated with the transmitted client certificate.  The client
therefore demonstrates possession of the private key corresponding to
the public key enclosed within its certificate.
----------------------------------------------------------------------------
Also from your comments about section 4, I would be concerned as to
whether the "Certificate message" for the client to server was
encrypted.
----------------------------------------------------------------------------
 

Thanks
Frank.
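
As an added example (not part of the original message or of the quoted reply), the sketch below walks a constructed TLS 1.0 client flight and marks what the record layer protects: every handshake message before ChangeCipherSpec, including Certificate and CertificateVerify, is sent unencrypted, and only the PreMasterSecret carried inside ClientKeyExchange is encrypted, to the server's public key. The function names and sample bytes are assumptions made for illustration.

```python
import struct

HANDSHAKE, CHANGE_CIPHER_SPEC = 22, 20
HS_NAMES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
            13: "CertificateRequest", 14: "ServerHelloDone",
            15: "CertificateVerify", 16: "ClientKeyExchange", 20: "Finished"}

def record(ctype, payload, version=0x0301):
    """Wrap a payload in a TLS record header (type, version, length)."""
    return struct.pack("!BHH", ctype, version, len(payload)) + payload

def handshake(htype, body):
    """Wrap a body in a handshake header (type, 24-bit length)."""
    return bytes([htype]) + len(body).to_bytes(3, "big") + body

def classify(stream):
    """Walk one direction of a TLS record stream; return (label, protection) pairs."""
    out, pos, encrypted = [], 0, False
    while pos + 5 <= len(stream):
        ctype, _ver, length = struct.unpack_from("!BHH", stream, pos)
        payload = stream[pos + 5:pos + 5 + length]
        if len(payload) < length:
            raise ValueError("truncated record")
        pos += 5 + length
        if encrypted:
            # After ChangeCipherSpec the payload is ciphertext; only the header is readable.
            out.append((f"record type {ctype}", "encrypted"))
        elif ctype == CHANGE_CIPHER_SPEC:
            out.append(("ChangeCipherSpec", "cleartext"))
            encrypted = True
        elif ctype == HANDSHAKE:
            off = 0
            while off + 4 <= len(payload):
                htype = payload[off]
                hlen = int.from_bytes(payload[off + 1:off + 4], "big")
                out.append((HS_NAMES.get(htype, f"handshake {htype}"), "cleartext"))
                off += 4 + hlen
        else:
            out.append((f"record type {ctype}", "cleartext"))
    return out

# Constructed client flight (placeholder bodies, not real certificates or keys).
SAMPLE = (record(HANDSHAKE, handshake(11, b"\x00" * 32)      # Certificate
                          + handshake(16, b"\xaa" * 130)      # ClientKeyExchange
                          + handshake(15, b"\xbb" * 130))     # CertificateVerify
          + record(CHANGE_CIPHER_SPEC, b"\x01")
          + record(HANDSHAKE, b"\xcc" * 40))                  # Finished, ciphertext

if __name__ == "__main__":
    for label, state in classify(SAMPLE):
        print(f"{label:20} {state}")
```

"cleartext" here refers to record-layer protection only: the ClientKeyExchange header is readable on the wire, while its body is the RSA-encrypted PreMasterSecret described in the quoted reply.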

