
Case Project 8-3: EAP

EAP-TLS, or EAP-Transport Layer Security, performs certificate-based mutual authentication of the client and the network. It relies on both the client and the server side to determine whether the certificates can carry out the authentication, so that a per-user, per-session WEP key can then be used. Together these establish safe and successful communication between the WLAN client and the access point. Both the client-side and the server-side certificates must be managed. EAP-TLS has nevertheless found universal support from wireless vendors, since it is considered to be the most secure of the EAP standards. It provides the strongest authentication and the most comprehensive security of the competing protocols. When the client-side certificate is employed, a cracked password is not enough to break into a system that uses EAP-TLS. Employing EAP-TLS effectively eliminates the attacker's ability to execute a rogue access point attack. A rogue actor needs access to the certificate in order to gain entry to the system, since the password is only used to encrypt the certificate itself.

EAP-TTLS is an EAP method that was developed as an extension of EAP-TLS. It provides certificate-based mutual authentication of the client and the network through an encrypted channel, or tunnel, and derives dynamic per-user, per-session WEP keys. Unlike EAP-TLS, EAP-TTLS requires only server-side certificates. This simplifies the setup needed to support the protocol by removing the need to install a certificate on every network client. Once the server has been authenticated to the client, the server can use the established tunnel to authenticate the client in turn. EAP-TTLS offers high security, although it does not match EAP-TLS, which is superior. It can also be used with existing infrastructure to integrate legacy passwords or databases, while the tunnel protects the information from MITM and eavesdropping attacks. The end user's name is not transmitted in the clear when EAP-TTLS is employed, which helps to raise the overall level of security.
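The certificate requirements described in the two paragraphs above only protect a client whose supplicant is configured to enforce them. As an added example (not part of the original answer), this Python check parses wpa_supplicant network blocks and flags missing server validation, missing EAP-TLS client credentials, and an EAP-TTLS outer identity that exposes the user name; the sample configuration, SSIDs, names and paths are constructed.

```python
import re
# Constructed sample wpa_supplicant.conf; SSIDs, names and paths are made up.
SAMPLE_CONF = '''
network={
    ssid="corp-tls"
    key_mgmt=WPA-EAP
    eap=TLS
    ca_cert="/etc/certs/ca.pem"
    client_cert="/etc/certs/host1.pem"
    private_key="/etc/certs/host1.key"
    domain_suffix_match="radius.example.org"
}
network={
    ssid="corp-ttls"
    key_mgmt=WPA-EAP
    eap=TTLS
    identity="alice@example.org"
    password="constructed-password"
    phase2="auth=PAP"
}
'''

def parse_networks(text):
    """Return one {key: value} dict per network={...} block."""
    nets = []
    for body in re.findall(r"network=\{(.*?)\n\}", text, re.S):
        pairs = (l.strip().split("=", 1) for l in body.splitlines()
                 if "=" in l and not l.strip().startswith("#"))
        nets.append({k.strip(): v.strip().strip('"') for k, v in pairs})
    return nets

def audit(net):
    """List gaps that undo the protections the text attributes to each method."""
    methods = set(net.get("eap", "").upper().split())
    findings = []
    if not methods & {"TLS", "TTLS"}:
        return findings
    if "ca_cert" not in net:
        findings.append("no ca_cert: server certificate is not validated")
    if not {"domain_suffix_match", "domain_match"} & net.keys():
        findings.append("no domain match: any server cert the CA issued is accepted")
    if "TLS" in methods and not {"client_cert", "private_key"} <= net.keys():
        findings.append("EAP-TLS without client_cert/private_key")
    if "TTLS" in methods and "anonymous_identity" not in net:
        findings.append("no anonymous_identity: real identity sent outside the tunnel")
    return findings

def audit_conf(text):
    return {n.get("ssid", "?"): audit(n) for n in parse_networks(text)}
```

Running `audit_conf(SAMPLE_CONF)` reports nothing for the EAP-TLS block and three findings for the EAP-TTLS block, whose inner password would be handed to any access point that completes the outer handshake.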

EAP-FAST was developed by Cisco. Instead of using a certificate to accomplish mutual authentication, it authenticates through protected access credentials (PACs). The PAC is used to establish a TLS tunnel in which the client credentials are verified, and it can be allocated to the client once, either manually or automatically. EAP-FAST uses shared secret keys to speed up 802.1X reauthentication. Public key cryptography is appropriate since two parties can authenticate each other without knowing each other beforehand. EAP-FAST also offers high security. The secret keys it uses can be pre-shared or assigned during an initial, longer public key authentication. It achieves security by building the same kind of secure encrypted tunnel used to protect user credentials during the authentication session, without requiring a PKI on the client and server end.

All the protocols in WPA2 Enterprise have their strengths and weaknesses in terms of security, while also being convenient enough that everyone can securely acquire information. EAP-TLS provides great protection by keeping the connection personalized and authorized by both the server certificate and the client certificate via the server; the connection will not be established without both, which is why EAP-TLS is the most reliable and secure protocol in WPA2 Enterprise. While trustworthy, it has a single flaw: it has authentication failures and does not verify the certificates 100 percent of the time. EAP-TTLS is an extension of EAP-TLS but is far more user friendly because of its password and token system, which allows more people to use the protocol at once; rather than verifying certificates on both sides, this protocol needs only one, which cuts the wait time significantly. The biggest flaw of this protocol is that if the clients do not have strong passwords or 16-digit tokens, a security breach becomes possible. EAP-FAST is the most user-friendly protocol of the three because there is no need for strong passwords or strong tokens to begin with and, unlike TTLS, it is the simplest of the three to understand. Internet security is crucial in modern society, and it is important to use WPA2 Enterprise effectively and efficiently in order to protect every individual's security.

 
