Date de l'exposé : 7 avril 2017
A Modular Security Analysis of EAP and IEEE 802.11
The Extensible Authentication Protocol (EAP) is a widely used three-party authentication framework that allows a client to connect to a wireless access point it does not share a secret with, using a mutually trusted server. EAP is often found in enterprise networks or large organizations to provide central key-management and user authentication; one prime example being the eduroam network.
In this talk I'll present a provable-security analysis of the EAP framework. Additionally, I will also cover the cryptographic handshake used within the wireless IEEE 802.11 protocol (Wi-Fi), which is very often used in combination with EAP (then usually referred to as WPA2-Enterprise).