Page 451 - From GSM to LTE

Wireless Local Area Network (WLAN)  437

               This is the reason why no certificate has to be installed in the web browser to establish
               an encrypted connection to a web server.

               6.7.4  WPA and WPA2 Enterprise Mode Authentication – EAP‐TTLS

               Another EAP method found in practice is EAP‐TTLS (Tunneled Transport Layer Security).
               Instead of requiring certificates on both the network and the client side, this EAP method
               only uses a certificate on the network side and a per‐user username / password combination
               on the client side, which is exchanged inside the TLS tunnel after the network has been
               authenticated. This way no client certificates have to be installed on devices; the only
               certificate‐related requirement on the device is that it trusts the authority that signed the
               network's certificate. In practice, use of this authentication scheme was, for example,
               observed by the author during a conference for which the organizers wanted to provide
               secure Internet connectivity over WLAN to attendees. The advantages over using WPA‐PSK
               with the same password are as follows:

               ● Individual username / password combinations ensure that eavesdroppers cannot decode
                 intercepted data frames even if they have observed the initial authentication dialog.
                 With WPA‐PSK, as described above, all devices share the same password, so anyone who
                 knows it and records the handshake of another device can derive that device's session
                 keys. With EAP‐TTLS the session keys are derived from a per‐session TLS key exchange
                 that a passive observer cannot reconstruct.
               ● Client devices can verify during connection establishment that they are connecting to
                 the correct network and are not being tricked into using a rogue access point of an
                 attacker with the same SSID. This is done by validating the network's certificate and
                 by sending the username / password only inside the TLS tunnel that is established with
                 the help of the public key in that certificate. This protection only holds if the client
                 actually validates the certificate against a trusted authority and checks that it belongs
                 to the expected network; a client configured to skip this validation hands its credentials
                 to whichever access point answers.
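               As an added example that is not from the book, the certificate check described in the
               second point is what the following two wpa_supplicant network blocks differ in. The first
               block sets no trusted CA and therefore accepts whatever certificate the network presents,
               which is exactly the situation a rogue access point needs; the second pins the issuing CA
               and the expected authentication server name. The SSID, the file path, the server name and
               the inner authentication method (MSCHAPv2) are assumptions chosen for illustration.

```conf
# Weak: no ca_cert, so the supplicant does not verify the server certificate.
# A rogue access point with the same SSID can terminate the TLS tunnel itself
# and read the username / password that is sent inside it.
network={
    ssid="ConferenceWLAN"
    key_mgmt=WPA-EAP
    eap=TTLS
    anonymous_identity="anonymous"
    identity="alice"
    password="s3cret"
    phase2="auth=MSCHAPV2"
}

# Corrected: validate the server certificate against the issuing CA (assumed
# path) and require its name to match the expected RADIUS server (assumed name).
# The outer identity stays anonymous; the real identity only travels inside
# the tunnel, after the certificate has been accepted.
network={
    ssid="ConferenceWLAN"
    key_mgmt=WPA-EAP
    eap=TTLS
    anonymous_identity="anonymous"
    identity="alice"
    password="s3cret"
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/ssl/certs/conference-ca.pem"
    domain_suffix_match="radius.conference.example"
}
```

               wpa_supplicant documents that a server certificate is not verified at all when ca_cert is
               absent, so the first block gives up the second advantage listed above while still
               providing the per‐user session keys of the first.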
                Figure 6.24 shows a trace of how the EAP‐TTLS certificate authentication works in
               practice. After the client has associated with the network, the WLAN access point asks
               for a username (the outer identity, which can be anonymous because the real username
               is only sent later inside the encrypted tunnel) and then tells the client that it wants to
               proceed with an EAP‐TTLS authentication procedure. The client device then answers with a
               ‘Client Hello’ packet that contains all cipher suites it supports. The network then
               selects a cipher suite and sends its signed certificate, which contains its public key, to
               authenticate itself.
               Figure 6.24  EAP‐TTLS certificate authentication. Source: Gerald Combs / Wireshark.
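               The exchange of Figure 6.24 decoded programmatically, as an added example that is not
               part of the book: a small Python parser for the EAP header, the EAP‐TTLS flags byte and
               the TLS handshake messages carried inside it, run over a constructed trace that mirrors
               the order of events in the figure (Identity request, anonymous Identity response,
               EAP‐TTLS Start, Client Hello listing the offered cipher suites, Server Hello with the
               selected suite followed by the Certificate). The frames, the three cipher suites and the
               placeholder certificate bytes are constructed for this example and are not the figure's
               data; on a real capture the input would be the EAP payload of each EAPOL packet.

```python
"""Decode an EAP / EAP-TTLS start-up exchange like the one in Figure 6.24 (constructed
example, not the book's trace): EAP header (RFC 3748), EAP-TTLS flags (RFC 5281), TLS."""
import struct
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_IDENTITY, EAP_TTLS, TLS_HANDSHAKE = 1, 21, 0x16
HS_NAMES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate"}
CIPHER_SUITES = {  # a few IANA names, enough for the constructed frames below
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
}

def parse_handshakes(tls):
    """Walk the TLS records and summarise the handshake messages inside them."""
    out, pos = [], 0
    while pos + 5 <= len(tls):
        ctype, _ver, rlen = struct.unpack("!BHH", tls[pos:pos + 5])
        rec = tls[pos + 5:pos + 5 + rlen]
        if len(rec) != rlen or ctype != TLS_HANDSHAKE:
            raise ValueError("truncated or non-handshake TLS record")
        pos, hp = pos + 5 + rlen, 0
        while hp + 4 <= len(rec):
            htype, hlen = rec[hp], int.from_bytes(rec[hp + 1:hp + 4], "big")
            body = rec[hp + 4:hp + 4 + hlen]
            if len(body) != hlen:
                raise ValueError("truncated handshake message")
            hp += 4 + hlen
            info = {"msg": HS_NAMES.get(htype, f"handshake type {htype}")}
            # Client/ServerHello layout: version(2) random(32) session_id_len(1) session_id
            p = 35 + body[34] if htype in (1, 2) else 0
            if htype == 1:  # cipher_suites: length(2) followed by 2-byte suite codes
                n = int.from_bytes(body[p:p + 2], "big")
                codes = [int.from_bytes(body[i:i + 2], "big") for i in range(p + 2, p + 2 + n, 2)]
                info["cipher_suites"] = [CIPHER_SUITES.get(c, hex(c)) for c in codes]
            elif htype == 2:  # the single suite the network selected
                info["cipher_suite"] = CIPHER_SUITES.get(int.from_bytes(body[p:p + 2], "big"))
            elif htype == 11:  # certificate_list: length(3), then (length(3) + DER) per cert
                total, q, lens = int.from_bytes(body[:3], "big"), 3, []
                while q < 3 + total:
                    clen = int.from_bytes(body[q:q + 3], "big")
                    lens.append(clen)
                    q += 3 + clen
                info["certificate_lengths"] = lens  # validating them is a separate X.509 step
            out.append(info)
    return out

def parse_eap(pkt):
    """Decode one EAP packet: header, then Identity or EAP-TTLS type data."""
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt):
        raise ValueError("EAP length field does not match packet length")
    res = {"code": EAP_CODES.get(code, code), "id": ident}
    if code in (3, 4):  # Success / Failure carry no type field
        return res
    eap_type, data = pkt[4], pkt[5:]
    if eap_type == EAP_IDENTITY:
        res.update(type="Identity", identity=data.decode("utf-8", "replace"))
    elif eap_type == EAP_TTLS:
        flags, tls = data[0], data[1:]
        res.update(type="EAP-TTLS", start=bool(flags & 0x20),
                   more_fragments=bool(flags & 0x40), version=flags & 0x07)
        if flags & 0x80:  # L bit: total TLS message length precedes the first fragment
            res["tls_total_length"], tls = struct.unpack("!I", tls[:4])[0], tls[4:]
        res["handshakes"] = parse_handshakes(tls)
    else:
        res["type"] = eap_type
    return res

# --- constructed frames in the order of events of Figure 6.24 (not captured data) ---
def eap(code, ident, eap_type, data=b""):
    return struct.pack("!BBH", code, ident, 5 + len(data)) + bytes([eap_type]) + data

def handshake(htype, body):
    return bytes([htype]) + len(body).to_bytes(3, "big") + body

def record(payload):
    return struct.pack("!BHH", TLS_HANDSHAKE, 0x0303, len(payload)) + payload

CLIENT_HELLO = handshake(1, b"\x03\x03" + b"\x11" * 32 + b"\x00"  # version, random, no session id
                         + b"\x00\x06\xc0\x2f\xc0\x30\x00\x2f"     # three offered cipher suites
                         + b"\x01\x00")                              # null compression only
SERVER_HELLO = handshake(2, b"\x03\x03" + b"\x22" * 32 + b"\x00" + b"\xc0\x2f" + b"\x00")
FAKE_CERT = b"\x30\x82\x00\x04DEMO"  # placeholder bytes, NOT a real DER certificate
CERTIFICATE = handshake(11, (len(FAKE_CERT) + 3).to_bytes(3, "big")
                        + len(FAKE_CERT).to_bytes(3, "big") + FAKE_CERT)
SERVER_FLIGHT = record(SERVER_HELLO) + record(CERTIFICATE)

TRACE = [
    eap(1, 1, EAP_IDENTITY),                 # network asks for an identity
    eap(2, 1, EAP_IDENTITY, b"anonymous"),   # client answers with the anonymous outer identity
    eap(1, 2, EAP_TTLS, b"\x20"),            # EAP-TTLS Start (S flag set, no TLS data yet)
    eap(2, 2, EAP_TTLS, b"\x00" + record(CLIENT_HELLO)),
    eap(1, 3, EAP_TTLS, b"\x80" + struct.pack("!I", len(SERVER_FLIGHT)) + SERVER_FLIGHT),
]

def decode_trace(frames=TRACE):  # decoded view of every EAP packet in the trace
    return [parse_eap(f) for f in frames]
```

               Calling decode_trace() yields one dictionary per packet: the two Identity packets, the
               Start packet with the S flag set and no TLS data, the Client Hello with its three offered
               suites, and the server flight whose L flag announces the total TLS length before the
               Server Hello and the Certificate. The parser stops at reporting certificate sizes; the
               validation step from the bullet list above needs an X.509 library and a configured trust
               anchor, which is what the supplicant performs before any password leaves the device.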