Protected Extensible Authentication Protocol: Difference between revisions

GreenC bot (talk | contribs)
Reformat 1 archive link; Move 1 url. Wayback Medic 2.5 per WP:URLREQ#zdnet.com
 
{{Short description|Protocol that encapsulates Extensible Authentication Protocol}}
: ''PEAP is also an acronym for [[Personal Egress Air Packs]].''
 
The '''Protected Extensible Authentication Protocol''', also known as '''Protected EAP''', or simply '''PEAP''' (pronounced ''"peep"''), is a protocol that encapsulates the [[Extensible Authentication Protocol]] (EAP) within an encrypted and authenticated [[Transport Layer Security]] (TLS) [[tunneling protocol|tunnel]].<ref>{{cite news
| url=https://www.zdnet.com/home-and-office/networking/understanding-the-updated-wpa-and-wpa2-standards/
| title=Understanding the updated WPA and WPA2 standards
| work=ZDNet
| author=
| date=2005-06-02
| access-date=2012-07-17 }}
</ref><ref>Microsoft's PEAP version 0, [//tools.ietf.org/html/draft-kamath-pppext-peapv0-00 draft-kamath-pppext-peapv0-00], §1.1</ref><ref name="peapv2-10_abstract">Protected EAP Protocol (PEAP) Version 2, [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-10 draft-josefsson-pppext-eap-tls-eap-10], abstract</ref><ref>Protected EAP Protocol (PEAP) Version 2, [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-10 draft-josefsson-pppext-eap-tls-eap-10], §1</ref> The purpose was to correct deficiencies in EAP; EAP assumed a protected communication channel, such as that provided by physical security, so facilities for protection of the EAP conversation were not provided.<ref>Protected EAP Protocol (PEAP) Version 2, [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-07 draft-josefsson-pppext-eap-tls-eap-07], §1</ref>
 
PEAP was jointly developed by [[Cisco Systems]], [[Microsoft]], and [[RSA Security]]. PEAPv0 was the version included with [[Microsoft]] [[Windows XP]] and was nominally defined in [//tools.ietf.org/html/draft-kamath-pppext-peapv0-00 draft-kamath-pppext-peapv0-00]. PEAPv1 and PEAPv2 were defined in different versions of ''draft-josefsson-pppext-eap-tls-eap''. PEAPv1 was defined in [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-00 draft-josefsson-pppext-eap-tls-eap-00] through [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-05 draft-josefsson-pppext-eap-tls-eap-05],<ref>Protected EAP Protocol (PEAP), [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-05 draft-josefsson-pppext-eap-tls-eap-05], §2.3</ref> and PEAPv2 was defined in versions beginning with [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-06 draft-josefsson-pppext-eap-tls-eap-06].<ref>Protected EAP Protocol (PEAP), [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-06 draft-josefsson-pppext-eap-tls-eap-06], §2.3</ref>
 
The protocol only specifies chaining multiple EAP mechanisms and not any specific method.<ref name="peapv2-10_abstract"/><ref>Protected EAP Protocol (PEAP) Version 2, [//tools.ietf.org/html/draft-josefsson-pppext-eap-tls-eap-10 draft-josefsson-pppext-eap-tls-eap-10], §2</ref> However, the [[EAP-MSCHAPv2]] and [[EAP-GTC]] methods are the most commonly supported.{{Citation needed|date=April 2010}}
 
==Overview==
PEAP is similar in design to [[EAP-TTLS]], requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication, and uses [[server-side]] [[public key certificate]]s to authenticate the server. It then creates an [[encryption|encrypted]] [[Transport Layer Security|TLS]] [[tunneling protocol|tunnel]] between the client and the authentication server. In most configurations, the keys for this encryption are transported using the server's public key. The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted and user credentials are safe from eavesdropping.
 
As of May of 2005, there were two PEAP sub-types certified for the updated [[Wi-Fi Protected Access|WPA]] and [[WPA2]] standard. They are:
* PEAPv0/EAP-MSCHAPv2
* PEAPv1/EAP-GTC
 
PEAPv0 and PEAPv1 both refer to the outer authentication method and are the mechanisms that create the secure TLS tunnel to protect subsequent authentication transactions. EAP-MSCHAPv2 and [[Extensible Authentication Protocol#EAP-GTC|EAP-GTC]] refer to the inner authentication methods which provide user or device authentication. A third authentication method commonly used with PEAP is [[Extensible Authentication Protocol#EAP-SIM|EAP-SIM]].
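The outer framing that the sub-type names above refer to is small enough to parse by hand: an EAP header (Code, Identifier, Length, Type 25 for PEAP) followed by a PEAP Flags byte whose low bits carry the version and whose high bits mark a Start packet, fragmentation and the presence of a TLS Message Length field, then the TLS record bytes. The following parser and version-negotiation helper is an added example written for this article; it is not code from the article, from Microsoft, Cisco or any supplicant, and the packets it builds are constructed for illustration (the TLS payload is a placeholder, not a real ClientHello).

```python
"""Outer EAP/PEAP framing: parse, build and negotiate the PEAP version.

Added example (not from the article or any PEAP implementation). The layout
follows RFC 3748 for the EAP header and the PEAPv0/PEAPv2 drafts for the
Flags byte and TLS Message Length field. All packets below are constructed.
"""
import struct
from dataclasses import dataclass
from typing import Optional

EAP_CODE_REQUEST = 1
EAP_CODE_RESPONSE = 2
EAP_TYPE_PEAP = 25           # IANA EAP method type number for PEAP

FLAG_LENGTH_INCLUDED = 0x80  # L: a 4-byte TLS Message Length field follows
FLAG_MORE_FRAGMENTS = 0x40   # M: more fragments of this TLS message follow
FLAG_START = 0x20            # S: PEAP Start, the server's first request
VERSION_MASK = 0x07          # the low three bits carry the PEAP version


@dataclass
class PeapPacket:
    code: int
    identifier: int
    version: int
    start: bool
    more_fragments: bool
    tls_message_length: Optional[int]
    tls_data: bytes


def parse_peap(packet: bytes) -> PeapPacket:
    """Parse one EAP packet of type PEAP; raise ValueError on malformed framing."""
    if len(packet) < 5:
        raise ValueError("EAP packet shorter than its 5-byte header")
    code, identifier, length, eap_type = struct.unpack("!BBHB", packet[:5])
    if code not in (EAP_CODE_REQUEST, EAP_CODE_RESPONSE):
        raise ValueError(f"unexpected EAP code {code}")
    # The EAP Length field covers the whole packet: bytes past it are padding
    # to ignore, a packet shorter than it is truncated and must be rejected.
    if length < 5 or length > len(packet):
        raise ValueError(f"EAP length {length} inconsistent with {len(packet)} bytes")
    if eap_type != EAP_TYPE_PEAP:
        raise ValueError(f"EAP type {eap_type} is not PEAP ({EAP_TYPE_PEAP})")
    body = packet[5:length]
    if not body:
        raise ValueError("PEAP packet missing its Flags byte")
    flags = body[0]
    offset = 1
    tls_length = None
    if flags & FLAG_LENGTH_INCLUDED:
        if len(body) < 5:
            raise ValueError("L flag set but TLS Message Length field truncated")
        tls_length = struct.unpack("!I", body[1:5])[0]
        offset = 5
    tls_data = body[offset:]
    start = bool(flags & FLAG_START)
    more = bool(flags & FLAG_MORE_FRAGMENTS)
    if start and tls_data:
        raise ValueError("PEAP Start carries no TLS data")
    # An unfragmented message with L set must declare exactly the bytes present.
    if tls_length is not None and not more and tls_length != len(tls_data):
        raise ValueError(f"TLS Message Length {tls_length} != {len(tls_data)} bytes")
    return PeapPacket(code, identifier, flags & VERSION_MASK, start, more,
                      tls_length, tls_data)


def build_peap(code: int, identifier: int, version: int, tls_data: bytes = b"",
               start: bool = False, more: bool = False) -> bytes:
    """Build the outer framing; this builder always declares the TLS length
    when it carries data, as a sender does on the first fragment."""
    flags = version & VERSION_MASK
    if start:
        flags |= FLAG_START
    if more:
        flags |= FLAG_MORE_FRAGMENTS
    if tls_data:
        flags |= FLAG_LENGTH_INCLUDED
    body = bytes([flags])
    if flags & FLAG_LENGTH_INCLUDED:
        body += struct.pack("!I", len(tls_data))
    body += tls_data
    return struct.pack("!BBHB", code, identifier, 5 + len(body), EAP_TYPE_PEAP) + body


def negotiate_version(server_start: bytes, client_highest: int) -> int:
    """Version negotiation as the drafts describe it: the server's Start packet
    advertises its highest version and the peer answers with the highest
    version it supports that does not exceed it."""
    request = parse_peap(server_start)
    if request.code != EAP_CODE_REQUEST or not request.start:
        raise ValueError("expected a PEAP Start request from the server")
    return min(request.version, client_highest)


if __name__ == "__main__":
    # Constructed exchange: the server starts PEAPv1; a PEAPv0-only client
    # (the situation the text describes for Windows) answers with version 0.
    start = build_peap(EAP_CODE_REQUEST, 1, 1, start=True)
    version = negotiate_version(start, client_highest=0)
    tls_record = b"\x16\x03\x01\x00\x03abc"  # placeholder, not a real ClientHello
    response = build_peap(EAP_CODE_RESPONSE, 1, version, tls_record)
    print(start.hex(), version, parse_peap(response))
```

The checks in `parse_peap` are the ones a supplicant or RADIUS server must make before handing the TLS bytes to its TLS library: the EAP Length must not exceed the bytes actually received, and a declared TLS Message Length must agree with the data present, otherwise a truncated or padded packet is treated as a complete record.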
 
Within Cisco products, PEAPv0 supports inner EAP methods EAP-MSCHAPv2 and EAP-SIM while PEAPv1 supports inner EAP methods EAP-GTC and EAP-SIM. Since Microsoft only supports PEAPv0 and doesn't support PEAPv1, Microsoft simply calls it "PEAP" without the v0 or v1 designator. Another difference between Microsoft and Cisco is that Microsoft only supports the EAP-MSCHAPv2 method and not the EAP-SIM method.
 
However, Microsoft supports another form of PEAPv0 (which Microsoft calls PEAP-EAP-TLS) that many Cisco and other third-party server and client software don't support. PEAP-EAP-TLS requires client installation of a [[client-side]] [[digital certificate]] or a more secure smartcard. PEAP-EAP-TLS is very similar in operation to the original EAP-TLS but provides slightly more protection because portions of the client certificate that are unencrypted in EAP-TLS are encrypted in PEAP-EAP-TLS. Ultimately, PEAPv0/EAP-MSCHAPv2 is by far the most prevalent implementation of PEAP, due to the integration of PEAPv0 into [[Microsoft Windows]] products. Cisco's CSSC client (discontinued in 2008<ref>{{Cite web|title=End-of-Sale and End-of-Life Announcement for the Cisco Secure Services Client v4.0|url=https://www.cisco.com/c/en/us/products/collateral/wireless/secure-services-client/EOL_c51-459086.html|access-date=2021-05-04|website=Cisco|language=en}}</ref>) now supports PEAP-EAP-TLS.
 
PEAP has been so successful in the market place that even [[Funk Software]] (acquired by [[Juniper Networks]] in 2005), the inventor and backer of [[EAP-TTLS]], added support for PEAP in their server and client software for wireless networks.
 
== PEAPv0 with EAP-MSCHAPv2 ==
MS-CHAPv2 is an old authentication protocol which Microsoft introduced with NT4.0 SP4 and Windows 98.
 
PEAPv0/EAP-MSCHAPv2 is the most common form of PEAP in use, and what is usually referred to as PEAP. The inner authentication protocol is [[Microsoft]]'s [[MS-CHAPv2|Challenge Handshake Authentication Protocol]], meaning it allows authentication to databases that support the MS-CHAPv2 format, including Microsoft NT and Microsoft Active Directory.
 
Behind [[EAP-TLS]], PEAPv0/EAP-MSCHAPv2 is the second most widely supported EAP standard in the world. There are client and server implementations of it from various vendors, including support in all recent releases from [[Microsoft]], [[Apple Computer]] and [[Cisco Systems|Cisco]]. Other implementations exist, such as AEGIS from Meetinghouse, [[xsupplicant]] from the Open1x.org project, and [[wpa_supplicant]].
 
As with other 802.1X and EAP types, [[dynamic encryption]] can be used with PEAP.
 
A CA certificate must be used at each client to authenticate the server to each client before the client submits authentication credentials. If the CA certificate is not validated, in general it is trivial to introduce a fake Wireless Access Point which then allows gathering of [[MS-CHAPv2]] handshakes.<ref name="Man-in-the-Middle in Tunneled Authentication Protocols">{{cite web|title=Man-in-the-Middle in Tunneled Authentication Protocols|url=http://eprint.iacr.org/2002/163.pdf|publisher=Nokia Research Center|accessdate=14 November 2013}}</ref>
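The server-validation requirement above is a client configuration matter, and the supplicant the article names, wpa_supplicant, expresses it in two settings: `ca_cert` (or `ca_path`) so the TLS tunnel is only completed with a certificate chaining to the expected CA, and a name match (`domain_suffix_match`, `domain_match`, `subject_match` or `altsubject_match`) so that another server holding a certificate from the same public CA is not accepted either. The script below is an added example, not code from the article or from the wpa_supplicant project: it parses `network={ ... }` blocks from a constructed sample configuration and reports, per PEAP network, which of the two settings is missing. The SSIDs, paths and credentials in the sample are made up.

```python
"""Audit wpa_supplicant.conf PEAP network blocks for server validation.

Added example; not part of the article or of wpa_supplicant. The option
names (eap, ca_cert, ca_path, domain_suffix_match, domain_match,
subject_match, altsubject_match, phase2) are wpa_supplicant's own; the
configuration text and every value in it are constructed for this example.
"""
import re
from typing import Dict, List

SAMPLE_CONF = """\
# constructed sample configuration; not a real deployment
network={
    ssid="corp-wifi"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    password="example-password"
    phase2="auth=MSCHAPV2"
}

network={
    ssid="corp-wifi-hardened"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    password="example-password"
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/ssl/certs/corp-root-ca.pem"
    domain_suffix_match="radius.example.com"
}

network={
    ssid="home"
    key_mgmt=WPA-PSK
    psk="example-passphrase"
}
"""

# network={ ... } blocks are flat key=value lines with no nesting.
BLOCK_RE = re.compile(r"network=\{(.*?)\}", re.S)
NAME_MATCH_KEYS = ("domain_suffix_match", "domain_match",
                   "subject_match", "altsubject_match")


def parse_networks(conf: str) -> List[Dict[str, str]]:
    """Return one dict per network block, with surrounding quotes stripped."""
    networks = []
    for block in BLOCK_RE.findall(conf):
        entry: Dict[str, str] = {}
        for line in block.splitlines():
            line = line.split("#", 1)[0].strip()   # drop comments and blanks
            if not line or "=" not in line:
                continue
            key, value = line.split("=", 1)
            entry[key.strip()] = value.strip().strip('"')
        networks.append(entry)
    return networks


def check_peap(network: Dict[str, str]) -> List[str]:
    """Server-validation problems of one PEAP network block (empty list = OK).

    Without ca_cert/ca_path the supplicant completes the TLS tunnel with any
    server and then sends the inner MS-CHAPv2 exchange through it; without a
    name match, any certificate issued by the trusted CA is accepted.
    """
    if network.get("eap", "").upper() != "PEAP":
        return []
    problems = []
    if not (network.get("ca_cert") or network.get("ca_path")):
        problems.append("no ca_cert/ca_path: server certificate is not validated")
    if not any(key in network for key in NAME_MATCH_KEYS):
        problems.append("no server name match: any certificate from the trusted CA is accepted")
    return problems


def audit(conf: str) -> Dict[str, List[str]]:
    """Map each SSID to its list of PEAP validation problems."""
    return {net.get("ssid", "?"): check_peap(net) for net in parse_networks(conf)}


if __name__ == "__main__":
    for ssid, problems in audit(SAMPLE_CONF).items():
        status = "OK" if not problems else "; ".join(problems)
        print(f"{ssid}: {status}")
```

Run against the sample, the first block is reported twice (no CA, no name match), the hardened block passes, and the WPA-PSK block is skipped because the check only applies to PEAP networks. A name match without `ca_cert` is still reported as missing validation, since the name is only meaningful once the certificate chain itself is trusted.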
 
Several weaknesses have been found in MS-CHAPv2, some of which severely reduce the complexity of brute-force attacks making them feasible with modern hardware.<ref>{{Cite web |date=2016-03-16 |title=Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate |url=https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/ |archive-url=https://web.archive.org/web/20160316174007/https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/ |archive-date=2016-03-16 |access-date=2022-10-19 }}</ref>
 
== PEAPv1 with EAP-GTC ==
PEAPv1/[[EAP-GTC]] was created by Cisco to provide interoperability with existing token card and directory based authentication systems via a protected channel. Even though Microsoft co-invented the PEAP standard, Microsoft never added support for PEAPv1 in general, which means PEAPv1/EAP-GTC has no native [[Microsoft Windows|Windows]] OS support. Since Cisco has typically recommended lightweight EAP protocols such as [[Lightweight Extensible Authentication Protocol|LEAP]] and [[EAP-FAST]] protocols instead of PEAP, the latter has not been as widely adopted as some had hoped.
 
With no interest from Microsoft to support PEAPv1 and no promotion from Cisco, PEAPv1 authentication is rarely used.{{when|date=April 2010}}
Even in [[Windows 7]], released in late 2009, Microsoft has not added support for any other authentication system other than MSCHAPv2.
 
[[Nokia E66]] and later mobile phones ship with a version of [[Symbian]] which includes EAP-GTC support.
 
LDAP (Lightweight Directory Access Protocol) only supports EAP-GTC.{{citation needed|date=March 2017}}
 
==References==
{{Reflist}}
 
==External links==
* {{cite IETF
|title=Microsoft's PEAP version 0 (Implementation in Windows XP SP1)
|draft=draft-kamath-pppext-peapv0-00
|last1=Kamath |first1=Vivek |author1-link=
|last2=Palekar |first2=Ashwin |author2-link=
|last3=Wodrich |first3=Mark |author3-link=
|date=25 October 2002
|publisher=[[Internet Engineering Task Force|IETF]]
|accessdate=
}}
* [http://www.potaroo.net/ietf/idref/draft-josefsson-pppext-eap-tls-eap/ draft-josefsson-pppext-eap-tls-eap] - The PEAP protocol specifications
* [http://www.tinypeap.com/ http://www.tinypeap.com/] - PEAP on WRT54G access points (Has not been updated for some time).
<!--
* [http://articles.techrepublic.com.com/5100-1035-6148579.html Configure RADIUS for secure 802.1x wireless LAN]
* [http://articles.techrepublic.com.com/5100-1035-6148560.html How to self-sign a RADIUS server for secure PEAP or EAP-TTLS authentication]
-->
 
{{Authentication APIs}}
[[Category:Computer access control protocols]]
[[Category:Open standards]]
[[Category:Transport Layer Security]]