eap-7----Page:13
1 2 3 4 5 6 7 8 9 10 11 12 13 14
|
Security Requirements (cont’d) Protection against man-in-the-middle attacks Per-packet authentication, integrity and replay protection at each leg of the triangle EAP method Uses TEKs to provide security services Typically doesn’t cover EAP header or Identity, Notification, Success/Failure packets AAA protocol Transmission layer security (IPsec, TLS) RFC 2869bis now has IPsec as a SHOULD TSK derivation protocol Example: IEEE 802.11i |