Vulnerability in TLS-based EAP protocols

From: Yao Zhao (yzhao
Date: Mon, 24 Nov 2008 11:19:33 -0800 (PST)

Description of issue: We found that TLS-based EAP protocols (such as EAP-TLS, EAP-TTLS and PEAP) can be easily attacked so that the users cannot get authenticated. The attack on PEAP was implemented and tested on a large university wireless network using PEAP.

Submitter name: Yao Zhao
Submitter email address: yzhao [at] cs.northwestern.edu
Date first submitted: Nov 24, 2008
Reference: www.cs.northwestern.edu/~yzhao/papers/errormsg.pdf

Length description of problem: The attack targets the TLS protocol, which is widely used in many EAP protocols such as PEAP, EAP-TLS, EAP-TTLS and EAP-FAST. Therefore, all the TLS-based EAP protocols will be vulnerable to this attack. An attacker sniffs the communication between the wireless client and the access point, inspecting the authentication procedure through the Handshake protocol of TLS. Triggered by some messages, the attacker spoofs corresponding FATAL ALERT messages to make the TLS authentication fail. Specifically, the attacker can spoof to be either the authentication server or the client to fool the other side. Please see more details in the pdf file provided above.
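
A defender-side check for the condition described in the message above, as an added example that is not part of the original post or the referenced paper: it parses the TLS records carried in EAP-TLS, EAP-TTLS, PEAP and EAP-FAST packets and flags a plaintext fatal alert when the same claimed sender then continues the handshake. The heuristic, the function names and the sample packets are assumptions constructed for illustration, and fragmented EAP messages are not reassembled.

```python
import struct

TLS_ALERT, TLS_HANDSHAKE, FATAL = 21, 22, 2
# EAP method type numbers for the TLS-based methods named in the report
EAP_TLS_TYPES = {13: "EAP-TLS", 21: "EAP-TTLS", 25: "PEAP", 43: "EAP-FAST"}

def tls_records(eap_packet):
    """Yield (content_type, fragment) for each TLS record in one unfragmented EAP packet."""
    if len(eap_packet) < 6:
        return
    code, _ident, length, eap_type, flags = struct.unpack("!BBHBB", eap_packet[:6])
    if code not in (1, 2) or eap_type not in EAP_TLS_TYPES:  # Request/Response only
        return
    off = 10 if flags & 0x80 else 6  # L flag set: 4-byte TLS Message Length precedes the data
    data = eap_packet[off:length]
    while len(data) >= 5:
        ctype, _version, rlen = struct.unpack("!BHH", data[:5])
        yield ctype, data[5:5 + rlen]
        data = data[5 + rlen:]

def suspicious_alerts(session):
    """session: ordered (claimed_sender, eap_packet) pairs from one authentication.
    Returns indexes of plaintext fatal alerts after which the same claimed sender
    still sent a handshake record, which a peer that really aborted would not do."""
    alerts, hits = [], set()
    for i, (sender, pkt) in enumerate(session):
        for ctype, frag in tls_records(pkt):
            # Before ChangeCipherSpec an alert is exactly 2 bytes: level, description
            if ctype == TLS_ALERT and len(frag) == 2 and frag[0] == FATAL:
                alerts.append((i, sender))
            elif ctype == TLS_HANDSHAKE:
                hits.update(a for a, s in alerts if s == sender)
    return sorted(hits)

# --- constructed sample data (not captured traffic) ---
def rec(ctype, frag):
    return struct.pack("!BHH", ctype, 0x0301, len(frag)) + frag

def eap(code, ident, eap_type, tls):
    return struct.pack("!BBHBB", code, ident, 6 + len(tls), eap_type, 0) + tls

SAMPLE = [
    ("client", eap(2, 1, 25, rec(TLS_HANDSHAKE, b"\x01\x00\x00\x00"))),  # ClientHello stub
    ("server", eap(1, 2, 25, rec(TLS_ALERT, b"\x02\x28"))),             # fatal handshake_failure
    ("server", eap(1, 2, 25, rec(TLS_HANDSHAKE, b"\x02\x00\x00\x00"))),  # ServerHello stub
]

if __name__ == "__main__":
    print(suspicious_alerts(SAMPLE))
```

A flagged index means only that the alert and the later handshake record cannot both come from the same honest peer; which frame was spoofed has to be settled from link-layer evidence.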