Content deleted Content added
m move external links from body of article to "External links" |
|||
Line 1:
The '''Lightweight Extensible Authentication Protocol''' (LEAP) is a proprietary wireless LAN authentication method developed by [[Cisco Systems]]. Important features of LEAP are dynamic [[Wired Equivalent Privacy|WEP]] keys and [[mutual authentication]] (between a wireless client and a [[RADIUS]] server). LEAP allows for clients to reauthenticate frequently; upon each successful authentication, the clients acquire a new WEP key (with the hope that the WEP keys don't live long enough to be cracked).
== Security Considerations ==
LEAP uses a modified version of [[MS-CHAP]], an [[authentication]] protocol in which user credentials are not strongly protected. Stronger authentication protocols employ a [[salt (cryptography)|salt]] to strengthen the credentials against eavesdropping during the authentication process. Cisco's [http://www.cisco.com/warp/public/707/cisco-sn-20030802-leap.shtml response] to the weaknesses of LEAP suggests that network administrators either force users to have stronger, more complicated [[passwords]] or move to another authentication protocol also developed by Cisco, [[EAP-FAST]], to ensure security. Automated tools like [http://asleap.sourceforge.net/ ASLEAP] demonstrate the simplicity of getting unauthorized access in networks protected by LEAP implementations.
==External links==
*[http://www.cisco.com/web/partners/pr46/pr147/partners_pgm_concept_home.html Cisco Compatible Extensions Program]
| |||