Presentation is loading. Please wait.

Presentation is loading. Please wait.

EAP Password Authenticated eXchange (PAX)

Published byEmil Barber Modified over 6 years ago

Similar presentations

Presentation on theme: "EAP Password Authenticated eXchange (PAX)"— Presentation transcript:

1 EAP Password Authenticated eXchange (PAX)
draft-clancy-eap-pax-02 T. Charles Clancy William A. Arbaugh Department of Computer Science University of Maryland, College Park IETF 62, EAP WG March 10, 2005

2 PAX Overview / Features
Simple shared-key mutual authentication Extended mode supports provisioning and identity protection Supports key management with forward secrecy using Diffie-Hellman Extensible ciphersuite

3 Changes Since -01 Consolidated PAX_STD with certificate and PAX_IDP into the 3RT PAX_SEC supports provisioning supports identity protection PAX_SEC requires public key, but not certificate removed server-side NAI from protocol/hashes

4 PAX_STD X,Y = rand(2256) If keyUpdate then A = gX, B = gY, E = gXY
else A = X, B = Y, E = (X || Y) {AK’, CK, SessionKeys} = PRF(AK || E || KeyName) Client Server A B, CID, MACCK(A, B, CID) MACCK(B, CID) ACK

5 PAX_SEC (secure mode) Client Server M, PK, [CertPK] EncPK (M, N, CID)
A, MACN(A, CID) B, MACCK(A, B, CID) MACCK(B, CID) ACK

6 Desired EAP-PAX Future
standards-track draft EAP WG document to accomplish: EAP WG charter needs to be amended suggest charter work item: “10. standardization of EAP methods”

Download ppt "EAP Password Authenticated eXchange (PAX)"

Similar presentations

Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.

Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.
EAP-Only Authentication in IKEv2 draft-eronen-ipsec-ikev2-eap-auth

EAP-Only Authentication in IKEv2 draft-eronen-ipsec-ikev2-eap-auth
EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.

EAP Channel Bindings Charles Clancy Katrin Hoeper IETF 76 Hiroshima, Japan November 08-13, 2009.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.
Master Thesis Proposal By Nirmala Bulusu Advisor – Dr. Edward Chow Implementation of Protected Extensible Protocol (PEAP) – An IEEE 802.1x wireless LAN.

Master Thesis Proposal By Nirmala Bulusu Advisor – Dr. Edward Chow Implementation of Protected Extensible Protocol (PEAP) – An IEEE 802.1x wireless LAN.
Authentication System

Authentication System
SIP-SAML assisted Diffie-Hellman MIKEY IETF 65 MSEC Mar 21, 2006 Robert Moskowitz.

SIP-SAML assisted Diffie-Hellman MIKEY IETF 65 MSEC Mar 21, 2006 Robert Moskowitz.
July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16, 2003 1300 - 1500.

July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16,
EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.

EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.
Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE EAP Password Authenticated eXchange (PAX) T. Charles Clancy William A. Arbaugh.

Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE EAP Password Authenticated eXchange (PAX) T. Charles Clancy William A. Arbaugh.
Eugene Chang EMU WG, IETF 70

Eugene Chang EMU WG, IETF 70
EAP Bluetooth Extension Draft-kim-eap-bluetooth-00 Hahnsang Kim (INRIA), Hossam Afifi (INT), Masato Hayashi (Hitachi)

EAP Bluetooth Extension Draft-kim-eap-bluetooth-00 Hahnsang Kim (INRIA), Hossam Afifi (INT), Masato Hayashi (Hitachi)
Dynamic Symmetric Key Provisioning Protocol (DSKPP) Mingliang Pei Salah Machani IETF68 KeyProv WG Prague.

Dynamic Symmetric Key Provisioning Protocol (DSKPP) Mingliang Pei Salah Machani IETF68 KeyProv WG Prague.
Doc.: IEEE 802.11-08/0394r0 Submission March 2008 Dorothy Stanley, Aruba NetworksSlide 1 IEEE 802.11-IETF Liaison Report Date: 2008-03-19 Authors:

Doc.: IEEE /0394r0 Submission March 2008 Dorothy Stanley, Aruba NetworksSlide 1 IEEE IETF Liaison Report Date: Authors:
ProjectIEEE 802.20 Working Group on Mobile Broadband Wireless Access TitleIEEE 802.20 MBWA Security Architecture.

ProjectIEEE Working Group on Mobile Broadband Wireless Access TitleIEEE MBWA Security Architecture.
EAI WG meeting IETF-65, March 20, 2006. Agenda 17:40 Welcome, blue sheet, scribe, agenda bashing 17:50 Review of WG charter (approved) 17:55 Problem/framing:

EAI WG meeting IETF-65, March 20, Agenda 17:40 Welcome, blue sheet, scribe, agenda bashing 17:50 Review of WG charter (approved) 17:55 Problem/framing:
UMD D EPARTMENT OF C OMPUTER S CIENCE D O D L ABORATORY FOR T ELECOMMUNICATION S CIENCES EAP-PAX draft-clacy-eap-pax-05 T. Charles Clancy

UMD D EPARTMENT OF C OMPUTER S CIENCE D O D L ABORATORY FOR T ELECOMMUNICATION S CIENCES EAP-PAX draft-clacy-eap-pax-05 T. Charles Clancy

Similar presentations

Ads by Google