eap Mailing List: RE: Confidentiality of TLS keying information for wireless

[Tschofenig Hannes (hannes.tschofenig]

# hi frank, 
 
# let me give you a short response to your question: 

        From: Frank Akujobi [mailto:fakujobi [at] sce.carleton.ca] 
        Sent: Monday, August 09, 2004 5:27 PM
        To: eap [at] frascone.com
        Subject: [eap] Confidentiality of TLS keying information for
wireless
        
        
        Hi,
        I have a couple of questions concerning wireless clients using
EAP-TLS
        authentication against a radius server:
        
        1. Are all the TLS session negotiations between supplicant (on the
        client) and authenticator (AP) sent in the clear?

# some of them are sent in clear. do not consider this as a problem. nearly
all authentication and key exchange protocols cannot protect the first few
messages. the protocol designers consider this fact in the protocol design
and the security considerations. 

 In other words is there
        any form of confidentiality for TLS keying information?
# yes. NO keying material is sent in clear over the wire.

        
        2. If there is none, what prevents a potential attacker from
listening
        in on TLS sessions and eventually gathering enough information (like
the
        session key and eventually WEP keys) to launch a man-in-the-middle
attack?

# as bernard noted the tls handshake is a modern authentication and key
exchange protocol which provides protection against these types of attacks. 

# ciao
# hannes


        
        Thanks,
        
        Frank Akujobi, M.A.Sc.
        Network Analyst
        Computing and Communications Services
        Carleton University
        (613) 520-2600 x 2291