Extensible Authentication Protocol Overview and Its Applications

Heung Youl YOUM
2009 IEICE transactions on information and systems  
The Extensible Authentication Protocol (EAP) is an authentication framework that supports multiple authentication mechanisms [38] between a peer and an authentication server in a data communication network. EAP is used as a useful tool for enabling user authentication and distribution of session keys. There are numerous EAP methods that have been developed by global SDOs such as IETF, IEEE, ITU-T, and 3GPP. In this paper, we analyze the most widely deployed EAP methods ranging from the EAP-TLS
more » ... 27] to the EAP-PSK [25] . In addition, we derive the security requirements of EAP methods meet, evaluate the typical EAP methods in terms of the security requirements, and discuss the features of the existing widely-deployed EAP methods. In addition, we identify two typical use cases for the EAP methods. Finally, recent global standardization activities in this area are reviewed. key words: EAP, IKEv2, EAP-MD5, EAP-TLS, PEAP, TLS
doi:10.1587/transinf.e92.d.766 fatcat:bvq4vmrwrve63harw7nsclv4mm