ipsec October 2011 archive

Re: [IPsec] eap-md5 based authentication

From: Yoav Nir <ynir_at_nospam>
Date: Tue Oct 25 2011 - 12:28:58 GMT
To: "Prashant Batra (prbatra)" <prbatra@cisco.com>, Glen Zorn <glenzorn@gmail.com>

No, you don't use the same password for calculating the AUTH payload.
From section 2.15:

   There are two types of EAP authentication (described in
   Section 2.16), and each type uses different values in the AUTH
   computations shown above. If the EAP method is key-generating,
   substitute master session key (MSK) for the shared secret in the
   computation. For non-key-generating methods, substitute SK_pi and
   SK_pr, respectively, for the shared secret in the two AUTH

So the client in your case is going to use SK_pi.

If you don't mind the question, how did this come up? If you're writing
your own client, why not use something better than EAP-MD5 such as EAP-EKE
or EAP-pwd? If you're using a third-party client (like Microsoft's Win7
client) I think they're using EAP-MSChapv2. Where did you find a client
with EAP-MD5?


On 10/25/11 2:10 PM, "Prashant Batra (prbatra)" <prbatra@cisco.com> wrote:

>Thanks Yoav and Glen,
>I could successfully calculate the challenge response.
>Now, after the challenge response is successful, the server will send
>EAP-SUCCESS, then the client has to send an AUTH payload.
>As EAP-MD5 doesn't result in any key like EAP-AKA/SIM, the client will
>use the same password (used for calculating the challenge response) to
>calculate the AUTH payload.
>If so, why is there an explicit AUTH required here? EAP-SUCCESS can
>itself indicate that the client is authenticated.
>Maybe it is required for some extra authentication?
>-----Original Message-----
>From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf
>Of Glen Zorn
>Sent: Tuesday, October 25, 2011 3:46 PM
>To: Yoav Nir
>Cc: ipsec@ietf.org; Prashant Batra (prbatra)
>Subject: Re: [IPsec] eap-md5 based authentication
>On 10/25/2011 3:35 PM, Yoav Nir wrote:
>> Hi Prashant.
>> I think in the challenge request, the first byte is the challenge
>> (usually 16) followed by the challenge itself, and then followed by
>> server name. I guess the reasoning is that this allows the client to
>> choose the correct password based on the server name.
>The format is defined in Section 4.1 of RFC 1994

IPsec mailing list
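The two computations discussed in this thread, as an added worked example (not code from the thread or from any of the posters' implementations): the EAP-MD5 challenge/response per RFC 1994 section 4.1 carried in the EAP format of RFC 3748 section 5.4, and the IKEv2 AUTH payload per RFC 5996 section 2.15 with SK_pi / SK_pr standing in for the shared secret because EAP-MD5 produces no MSK. The password, challenge, nonces, ID payload bytes, IKE_SA_INIT message bytes and SK_pi / SK_pr values are all constructed for the example (in a real exchange SK_pi and SK_pr come from the SKEYSEED derivation), and PRF_HMAC_SHA1 is assumed as the negotiated PRF. The example also shows why Prashant's question about EAP-Success has a real answer: the AUTH value is keyed with SK_pi and covers RealMessage1, the responder's nonce and the initiator's ID payload, so it binds the EAP outcome to this particular IKE_SA, which an EAP-Success message alone does not do.

```python
"""Added example: EAP-MD5 challenge/response inside IKEv2, and the AUTH payload
for a non-key-generating EAP method. Not code from the thread; every sample value
(password, challenge, nonces, SK_pi/SK_pr, message bytes) is constructed here."""
import hashlib
import hmac
import struct

EAP_REQUEST, EAP_RESPONSE = 1, 2
EAP_TYPE_MD5_CHALLENGE = 4          # RFC 3748 section 5.4


def build_md5_challenge_request(identifier, challenge, server_name):
    """EAP-Request/MD5-Challenge: Code | Identifier | Length | Type |
    Value-Size | Value (the challenge) | Name (the server's name)."""
    type_data = bytes([EAP_TYPE_MD5_CHALLENGE, len(challenge)]) + challenge + server_name
    return struct.pack("!BBH", EAP_REQUEST, identifier, 4 + len(type_data)) + type_data


def parse_md5_challenge(packet):
    """Return (identifier, challenge, name) from an EAP-Request/MD5-Challenge,
    checking every length field before trusting it."""
    if len(packet) < 6:
        raise ValueError("packet too short for an MD5-Challenge")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if code != EAP_REQUEST or length != len(packet):
        raise ValueError("bad EAP Code or Length")
    eap_type, value_size = packet[4], packet[5]
    if eap_type != EAP_TYPE_MD5_CHALLENGE:
        raise ValueError("EAP Type %d is not MD5-Challenge" % eap_type)
    if 6 + value_size > length:
        raise ValueError("Value-Size runs past the end of the packet")
    return identifier, packet[6:6 + value_size], packet[6 + value_size:length]


def md5_challenge_response(identifier, secret, challenge):
    """RFC 1994 section 4.1: MD5(Identifier || secret || Challenge Value)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def build_md5_challenge_response(identifier, secret, challenge, peer_name):
    value = md5_challenge_response(identifier, secret, challenge)
    type_data = bytes([EAP_TYPE_MD5_CHALLENGE, len(value)]) + value + peer_name
    return struct.pack("!BBH", EAP_RESPONSE, identifier, 4 + len(type_data)) + type_data


def verify_md5_challenge_response(packet, identifier, secret, challenge):
    """Server side: recompute the expected value and compare in constant time."""
    if len(packet) < 22 or packet[0] != EAP_RESPONSE or packet[1] != identifier:
        return False
    if packet[4] != EAP_TYPE_MD5_CHALLENGE or packet[5] != 16:
        return False
    expected = md5_challenge_response(identifier, secret, challenge)
    return hmac.compare_digest(packet[6:22], expected)


# --- IKEv2 AUTH payload (RFC 5996 section 2.15) ---
def prf(key, data):
    """The negotiated PRF; PRF_HMAC_SHA1 is assumed here for illustration."""
    return hmac.new(key, data, hashlib.sha1).digest()


def ikev2_auth_initiator(sk_pi, real_message1, nonce_r_data, rest_of_init_id_payload):
    """AUTH = prf(prf(Shared Secret, "Key Pad for IKEv2"), <InitiatorSignedOctets>),
    with SK_pi substituted for the shared secret because EAP-MD5 yields no MSK."""
    maced_id_for_i = prf(sk_pi, rest_of_init_id_payload)
    initiator_signed_octets = real_message1 + nonce_r_data + maced_id_for_i
    return prf(prf(sk_pi, b"Key Pad for IKEv2"), initiator_signed_octets)


def ikev2_auth_responder(sk_pr, real_message2, nonce_i_data, rest_of_resp_id_payload):
    """Same construction for the responder, keyed with SK_pr."""
    maced_id_for_r = prf(sk_pr, rest_of_resp_id_payload)
    responder_signed_octets = real_message2 + nonce_i_data + maced_id_for_r
    return prf(prf(sk_pr, b"Key Pad for IKEv2"), responder_signed_octets)


def demo():
    """Run the exchange with constructed values and return the intermediate results."""
    password = b"hunter2"                      # constructed EAP-MD5 password
    challenge = bytes(range(16))               # constructed 16-byte challenge
    request = build_md5_challenge_request(7, challenge, b"vpn.example.test")
    identifier, chal, name = parse_md5_challenge(request)
    response = build_md5_challenge_response(identifier, password, chal, b"alice")
    eap_ok = verify_md5_challenge_response(response, identifier, password, challenge)

    sk_pi = b"\x11" * 20                       # constructed; really derived from SKEYSEED
    msg1, nonce_r = b"IKE_SA_INIT request bytes", b"\xaa" * 16
    id_i = b"\x03\x00\x00\x00alice"            # ID payload after its generic header
    auth_from_sk_pi = ikev2_auth_initiator(sk_pi, msg1, nonce_r, id_i)
    auth_from_password = ikev2_auth_initiator(password, msg1, nonce_r, id_i)  # the wrong key
    return {"eap_ok": eap_ok, "server_name": name,
            "auth_from_sk_pi": auth_from_sk_pi, "auth_from_password": auth_from_password}
```

Running demo() walks the client through the request, response and AUTH; the last two entries in its result differ, which is the point of Yoav's answer: the EAP password is consumed only by the MD5 challenge response, and the AUTH payload is keyed with SK_pi (SK_pr on the responder side), never with the password.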