Clancy, T.
and Hoeper, K.
(2009),
Making the Case for EAP Channel Bindings, 2009 IEEE Sarnoff Symposium proceedings, published through IEEEXplore, Princeton, NJ, US, [online], https://doi.org/10.1109/SARNOF.2009.4850319, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=901206
(Accessed May 7, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Making the Case for EAP Channel Bindings
Published
Author(s)
T. C. Clancy,
Abstract
In current networks that use EAP and AAA for authenticated admission control, such as WiFi, WiMAX, and various 3G internetworking protocols, a malicious base station can advertise false information to prospective users in an effort to manipulate network access in some way. This can result a number of attacks ranging from traffic herding to manipulation of roaming agreements between operators. To address this problem, "EAP Channel Bindings" can be used to validate information advertised during the network discovery phase after keying material has been derived. The back-end authentication service can ensure the consistency of the advertised information with its configured policy. Using protected communications channels already specified within many existing EAP methods will allow for the authenticated transport of the channel binding data. Standardization activities currently exist within the IETF to implement this technique.Proceedings Title
2009 IEEE Sarnoff Symposium proceedings, published through IEEEXplore
Conference Dates
March 30-April 1, 2009
Conference Location
Princeton, NJ, US
Conference Title
2009 IEEE Sarnoff Symposium (SARNOFF '09)
Pub Type
Conferences
Download Paper
Keywords
AAA, EAP, lying NAs threat, lying provider threat, network access authentication
Citation
Created March 29, 2009, Updated October 12, 2021