Abstract

Extensible Authentication Protocol (EAP) was designed to provide a general structure for several different authentication methods. IEEE 802.1X uses EAP as an authentication tool. The IEEE 802.1X standard defines a client-server authentication and access control protocol that restricts unauthorized users from connecting to a network. This paper aims at using penetration testing to conduct security assessment of some IEEE 802.1x Port-Based Authentication protocols (PEAP, EAP-TTLS and Inner Authentication Method MSCHAPv2 and PAP). Vulnerabilities identified were exploited using Kali Linux with its Aircrack-ng tools.

References

• Kissi, M. K. and Asante, M., (2020). Penetration Testing of IEEE 802.11 Encryption Protocols Using Kali Linux Hacking Tools. International Journal of Computer Applications (0975 – 8887) Volume 176 – No. 32, June 2020.
• Kothaluru, R. T. and Youshah, M. S. M., (2012). Evaluation of EAP Authentication Methods in Wired and Wireless Networks. School of Computing, Blekinge Institute of Technology, Sweden.
• Kachhara, S. and Kumar, K. A., (2018). Implementation of IEEE 802.1x Port-based Authentication Mechanism for Ethernet. International Journal of Computer Trends and Technology (IJCTT) – Volume 64 Number 1 – October 2018.
• Kumar, U., Kumar, P. and Gambhir, S., (2014). Analysis and Literature Review of IEEE 802.1x (Authentication) Protocols. International Journal of Engineering and Advanced Technology (IJEAT) ISSN: 2249 – 8958, Volume-3, Issue-5, June 2014
• Thomas, T. and Stoddard, D., (2011). Network Security First-Step, Second Edition, Indianapolis, Cisco press, ch. 6, pp. 169-192.
• IEEE Computer Society, (2012). Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. IEEE Standard, IEEE, March 2012.
• Baheti, Akshay, (2015). "Extensible Authentication Protocol Vulnerabilities and Improvements". Retrieved from http://scholarworks.sjsu.edu/etd_projects/425 (Accessed on November 20, 2016)
• Robyns P., (2014). Wireless Network Privacy. Hasselt University
• Strand L., (2004). Logical port entities diagram. Retrieved from http://www.tldp.org/HOWTO/8021X-HOWTO/intro.html. (Accessed on July 6, 2018)
• Wikimedia (2010). 802.1X involved protocols diagram. Retrieved from http://upload.wikimedia.org/wikipedia/commons/1/1f/802.1X_wired_protocols.png. (Accessed on July 7, 2018).
• Aboba B., Levkowetz E. H., Vollbrecht J., Carlson J., and Blunk L., “Extensible Authentication Protocol (EAP)”. RFC 3748, IETF, June 2004.
• Blunk L. and Vollbrecht J., (1998). PPP Extensible Authentication Protocol (EAP). RFC 2284, IETF, March 1998.
• Memon A. Q., Raza A. H. and Iqbal S., (2010). WLAN Security. Halmstad University School of Information Science, Computer and Electrical Engineering. Technical report, IDE1013, April 2010.
• Aboba B., and Calhoun P., (2003). RADIUS support for EAP. RFC 3579, IETF, September 2003.
• Congdon P., Aboba B., Smith A., Zorn G., and Roese J., (2003). IEEE 802.1X RADIUS Usage Guidelines. RFC 3580, IETF, September 2003.
• Madjid N. and Mahsa N., (2005). “AAA and Network Security for Mobile Access: RADIUS, DIAMETER, EAP, PKI and IP Mobility”. John Wiley & Sons Ltd. The Atrium, Southern Gate, Chichester, West Sussex P0198SQ, England. ISBN-13 978-0-470-01194-2. January 2005.
• Ramachandran, V. (2011), BackTrack 5 Wireless Penetration Testing, Master Bleeding Edge Wireless Testing Techniques with BackTrack 5: Packt Publishing, Birmingham UK
• Macnally C., (2001). Cisco LEAP protocol description. Protocol description, IETF, September 2001.
• Gast M., (2004). TTLS and PEAP Comparison. InteropNet Labs. Retrieved from www.opus1.com/www/whitepapers/ ttlsandpeap.pdf (Accessed on December 29, 2017).
• Interlink Networks, Inc (2003). Configuring PEAP and TTLS in the Interlink Networks RAD-Series and Secure.XS RADIUS Servers.
• Hoeper K. and Chen L., (2009). Recommendation for EAP Methods Used in Wireless Network Access Authentication. Computer Security Division Information Technology Laboratory, NIST Special Publication 800-120, September 2009.
• Gast M., (2004). Inner Authentication Methods, InteropNet Labs. Retrieved from www.opus1.com/www/whitepapers/8021xinnerauthmethods.pdf. (Accessed on December 29, 2017).
• Schneier B., Mudge, and Wagner D., (1999). Cryptanalysis of Microsoft's PPTP Authentication Extensions. CQRE '99, October 1999.
• Eisinger J., (2001). Exploiting known security holes in Microsoft's PPTP Authentication Extensions (MS-CHAPv2). University of Freiburg
• Rahbar, A. (2012). Weaknesses in MS-CHAPv2 authentication. Retrieved from https://blogs.technet.microsoft.com/srd/2012/08/20/weaknesses-in-ms-chapv2-authentication (Accessed on July 16, 2018)
• Ghering M., (2016). Evil Twin vulnerabilities in Wi-Fi networks. Radboud University
• Rebane R., (2016). Security of passwords in Eduroam. University of Tartu, Institute of Computer Science, Computer Science Curriculum.
• Marlinspike M., (2012). Divide and Conquer: Cracking MS-CHAPv2 with a 100via Internet Archive: Wayback Machine, July 2012. Retrieved from https://web.archive.org/web/20160316174007/https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/. (Accessed on September 7, 2018).
• Lamotte W., Robyns P., Bonné B., Quax P., (2014). Exploiting WPA2 Enterprise Vendor Implementation Weaknesses through Challenge Response Oracles. Hasselt University.