Master Thesis Proposal By Nirmala Bulusu Advisor - PowerPoint PPT Presentation

Implementation of Protected Extensible Protocol (PEAP), an IEEE 802.1x wireless LAN standard for authentication. Master thesis proposal by Nirmala Bulusu.

Slides: 12
Provided by: nbu68

Transcript and Presenter's Notes


1
Master Thesis Proposal
By Nirmala Bulusu
Advisor: Dr. Edward Chow
  • Implementation of Protected Extensible Protocol
    (PEAP), an IEEE 802.1x wireless LAN standard for
    authentication

2
What is PEAP?
  • PEAP is an 802.1x authentication protocol
    typically designed for access control in wireless
    LANs
  • It makes use of two well-known protocols:
      • Extensible Authentication Protocol (EAP)
      • Transport Layer Security (TLS)

3
IEEE 802.1x - Overview
  • Is a port-based access control mechanism.
  • Transports data between the client (Supplicant)
    and the RADIUS server

4
What is EAP?
  • Protocol for communication between a Supplicant and
    an Authenticator
  • EAP messages encrypted directly over a LAN medium
    (EAPOL defined)
  • The Access Point (Authenticator) forwards these EAP
    messages, encapsulated in RADIUS packets, to the
    RADIUS server
  • EAP allows the authenticator to serve only as a
    carrier without needing to know the EAP
    authentication protocol type.
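
The carrier role described on this slide, as an added example that is not part of the original presentation: the authenticator copies each EAP packet unread into RADIUS EAP-Message attributes, and only the RADIUS server reassembles it and looks at the EAP type. Function names and the sample packet are constructed for illustration; the EAP codes and types and the EAP-Message attribute number (79) are the values from RFC 3748 and RFC 3579.

```python
import struct

# EAP codes (RFC 3748) and the method types relevant to this deck.
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 13: "EAP-TLS", 21: "EAP-TTLS", 25: "PEAP"}
RADIUS_EAP_MESSAGE = 79   # RADIUS attribute that carries EAP (RFC 3579)
MAX_ATTR_VALUE = 253      # one RADIUS attribute value holds at most 253 bytes


def parse_eap(packet: bytes) -> dict:
    """Decode the EAP header: code, identifier, length, and type if present."""
    if len(packet) < 4:
        raise ValueError("EAP packet shorter than its 4-byte header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length < 4 or length > len(packet):
        raise ValueError("EAP length field inconsistent with packet size")
    info = {"code": EAP_CODES.get(code, code), "id": ident, "length": length}
    if code in (1, 2) and length >= 5:   # only Request/Response carry a type
        info["type"] = EAP_TYPES.get(packet[4], packet[4])
        info["data"] = packet[5:length]
    return info


def to_radius_attributes(packet: bytes) -> list:
    """Authenticator side: split the EAP packet, without interpreting it,
    into EAP-Message attributes laid out as type, length, value."""
    attrs = []
    for i in range(0, len(packet), MAX_ATTR_VALUE):
        chunk = packet[i:i + MAX_ATTR_VALUE]
        attrs.append(bytes([RADIUS_EAP_MESSAGE, len(chunk) + 2]) + chunk)
    return attrs


def from_radius_attributes(attrs: list) -> bytes:
    """RADIUS server side: concatenate EAP-Message values back in order."""
    return b"".join(a[2:a[1]] for a in attrs if a[0] == RADIUS_EAP_MESSAGE)


# Constructed sample: EAP-Response of type PEAP (25) with 300 payload bytes.
payload = b"\x00" + b"\x16" * 299        # flags byte + stand-in tunnel bytes
sample = struct.pack("!BBHB", 2, 7, 5 + len(payload), 25) + payload

if __name__ == "__main__":
    attrs = to_radius_attributes(sample)
    print(len(attrs), "EAP-Message attributes")
    print(parse_eap(from_radius_attributes(attrs))["type"])
```

The 305-byte sample does not fit in one attribute, so the split and in-order reassembly are exercised; `to_radius_attributes` never calls `parse_eap`, which is the point the last bullet makes.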

5
EAP-TLS
  • The Transport Layer Security (TLS) exchange of
    messages provides mutual authentication, with both
    client and server validating each other via
    certificates.
  • Imposes a substantial administrative burden:
      • Requires full-fledged PKI infrastructure
        support to be established.
      • The client certificates must be managed, revoked
        and distributed

6
Need for PEAP
  • A wireless AP broadcasts all traffic, hence data
    can easily be collected by anyone within the
    broadcast range
  • PEAP answers this by transmitting user-sensitive
    data in an encrypted channel: the established
    TLS tunnel
  • Wireless encryption is seen to be weak
  • Using PEAP, the data within the tunnel cannot be
    decrypted without the TLS master secret, and the
    key is not shared with the access point
  • With PEAP, only server-side PKI-based digital
    certificates are used, to authenticate EAP
    servers.

7
EAP-TLS Test Bed in Lab

8
Goal of Thesis
  • Implement a basic server-side working model of
    the PEAP protocol on a Linux server, based on the
    IETF Internet-Draft proposal
    www.ietf.org/internet-drafts/draft-josefsson-pppext-eap-tls-eap-06.txt
  • Perform a comparison between the two 802.1x EAP
    standards TTLS and PEAP.
  • Deliverables:
      • A thesis report documenting the implementation
        details of the PEAP module on FreeRadius and
        Xsupplicant. It should also include the
        configuration details of the wireless network
        set-up and lessons learned in this thesis
        project.
      • The source code of the PEAP module.

9
Thesis Plan
  • Work Done Till Date
      • Installing and configuring the client-side
        software, Xsupplicant (www.open1x.org)
      • Installing and configuring the RADIUS server,
        FreeRadius (www.freeradius.org)
      • Installing and configuring OpenSSL
        (www.openssl.org)
      • Setting up a test bench to test EAP-TLS with the
        software configured above.
      • Running Xsupplicant, Cisco AP-1200 and FreeRadius
        with EAP type set to TLS. Successfully
        established the authentication.

10
Thesis Plan Contd.
  • Work in Progress
      • Study and analyze both the client (Xsupplicant)
        and server-side (FreeRadius) implementations of
        the IEEE 802.1x EAP protocol.
  • Work to Be Done
      • Implement the server-side code with PEAP modules
        to authenticate PEAP users.
      • Configure Xsupplicant, FreeRadius and the access
        point to support EAP type PEAP.
      • Test the implementation of the PEAP modules.
      • Run and test the Xsupplicant, Cisco AP-1200 and
        FreeRadius set-up configured to EAP type TTLS and
        EAP type PEAP.
      • Study and analyze the logs showing the protocol
        handshakes using packages like Ethereal and
        tcpdump.
      • Compare the performance of the two protocols,
        TTLS and PEAP.
      • Write thesis

11
References
  • [1] Protected EAP (IETF draft, work in progress),
    March 2003.
    http://www.globecom.net/ietf/draft/draft-josefsson-pppext-eap-tls-eap-06.html
  • [2] IEEE 802.1X Port Based Network Access
    Control, by Paul Congdon.
    http://www.ieee802.org/1/files/public/docs2000/P8021XOverview.PDF
  • [3] The Unofficial 802.11 Security Web Page.
    Security analyses of 802.11.
    http://www.drizzle.com/aboba/IEEE/
  • [4] PPP Extensible Authentication Protocol.
    http://www.ietf.org/rfc/rfc2284.txt
  • [5] PPP EAP-TLS Authentication Protocol.
    http://www.ietf.org/rfc/rfc2284.txt
  • [6] PEAP Product Documentation.
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windowsserver2003/proddocs/entserver/sag_ias_protocols_peap.asp