Thanks Yoav, I think I missed it somehow from the RFC.

Regarding the usage of EAP-MD5, it is just that the client should support all types of authentication, so even the weakest ones, and RFC 3748 says that MD5-Challenge is a must. Moreover, it is the server that has to decide what is the best-suited auth mechanism for a particular client.

Regards,
Prashant

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Yoav Nir
Sent: Tuesday, October 25, 2011 5:59 PM
To: Prashant Batra (prbatra); Glen Zorn
Cc: [email protected]
Subject: Re: [IPsec] eap-md5 based authentication

No, you don't use the same password for calculating the AUTH payload.

From section 2.15:

   There are two types of EAP authentication (described in Section 2.16), and each type uses different values in the AUTH computations shown above. If the EAP method is key-generating, substitute master session key (MSK) for the shared secret in the computation. For non-key-generating methods, substitute SK_pi and SK_pr, respectively, for the shared secret in the two AUTH Computations.

So the client in your case is going to use SK_pi.

If you don't mind the question, how did this come up? If you're writing your own client, why not use something better than EAP-MD5 such as EAP-EKE or EAP-pwd? If you're using a third-party client (like Microsoft's Win7 client) I think they're using EAP-MSChapv2. Where did you find a client with EAP-MD5?

Yoav

On 10/25/11 2:10 PM, "Prashant Batra (prbatra)" <[email protected]> wrote:

>Thanks Yoav and Glen,
>
>I could successfully calculate the challenge response.
>Now, after the challenge response is successful, the server will send
>EAP-SUCCESS, then the client has to send an AUTH payload.
>As EAP-MD5 doesn't result in any key like EAP-AKA/SIM, the client will
>use the same password (used for calculating the challenge response) to
>calculate the AUTH payload.
>If so, why is an explicit auth required here? EAP-SUCCESS can
>itself indicate that the client is authenticated.
>
>Maybe it is required for some extra authentication?
>
>Regards,
>Prashant
>
>-----Original Message-----
>From: [email protected] [mailto:[email protected]] On Behalf
>Of Glen Zorn
>Sent: Tuesday, October 25, 2011 3:46 PM
>To: Yoav Nir
>Cc: [email protected]; Prashant Batra (prbatra)
>Subject: Re: [IPsec] eap-md5 based authentication
>
>On 10/25/2011 3:35 PM, Yoav Nir wrote:
>
>> Hi Prashant.
>>
>> I think in the challenge request, the first byte is the challenge length
>> (usually 16) followed by the challenge itself, and then followed by some
>> server name. I guess the reasoning is that this allows the client to
>> choose the correct password based on the server name.
>
>The format is defined in Section 4.1 of RFC 1994
>
>...
>_______________________________________________
>IPsec mailing list
>[email protected]
>https://www.ietf.org/mailman/listinfo/ipsec
>
>Scanned by Check Point Total Security Gateway.

_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
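The two mechanisms discussed in this thread side by side (the RFC 1994 §4.1 layout of the MD5-Challenge request and response, and the RFC 5996 §2.15 initiator AUTH with SK_pi substituted for the shared secret), as an added Python example that is not part of the thread or of any IKEv2 implementation. PRF_HMAC_SHA1 as the negotiated PRF, the packet bytes, the server name, the password and the SK_pi value are all constructed assumptions; the point it makes concrete is that the AUTH payload depends on SK_pi and the IKE_SA_INIT exchange, not on the EAP-MD5 password.

```python
import hashlib
import hmac
import struct

EAP_REQUEST, EAP_TYPE_MD5_CHALLENGE = 1, 4

def parse_md5_challenge_request(pkt: bytes):
    """EAP-Request/MD5-Challenge (RFC 3748 s.5.4), data laid out as in RFC 1994 s.4.1:
    Code(1) Identifier(1) Length(2) Type(1) Value-Size(1) Value(Value-Size) Name(rest)."""
    if len(pkt) < 6:
        raise ValueError("packet too short for an MD5-Challenge request")
    code, ident, length, eap_type, value_size = struct.unpack("!BBHBB", pkt[:6])
    if code != EAP_REQUEST or eap_type != EAP_TYPE_MD5_CHALLENGE or length != len(pkt):
        raise ValueError("not a well-formed EAP-Request/MD5-Challenge")
    challenge = pkt[6:6 + value_size]
    if len(challenge) != value_size:          # Value-Size must not run past the packet
        raise ValueError("Value-Size exceeds packet length")
    name = pkt[6 + value_size:]               # server name: lets the client pick the matching password
    return ident, challenge, name

def md5_challenge_response(ident: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 s.4.1 response Value: MD5(Identifier || secret || Challenge Value)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def verify_md5_response(ident: int, secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Server-side check of the peer's response, using a constant-time compare."""
    return hmac.compare_digest(md5_challenge_response(ident, secret, challenge), response)

def prf(key: bytes, data: bytes) -> bytes:
    """PRF_HMAC_SHA1, assumed to be the negotiated IKE PRF in this example."""
    return hmac.new(key, data, hashlib.sha1).digest()

def initiator_auth_non_key_generating_eap(sk_pi, real_message1, nonce_r, rest_of_init_id_payload):
    """RFC 5996 s.2.15 initiator AUTH with SK_pi in place of the shared secret
    (non-key-generating EAP method such as EAP-MD5); the password plays no part here."""
    maced_id_for_i = prf(sk_pi, rest_of_init_id_payload)
    signed_octets = real_message1 + nonce_r + maced_id_for_i
    return prf(prf(sk_pi, b"Key Pad for IKEv2"), signed_octets)

# Constructed sample values, not captured traffic.
CHALLENGE = bytes(range(16))
SERVER_NAME = b"ikev2-gw.example"
REQUEST = struct.pack("!BBHBB", EAP_REQUEST, 7, 6 + len(CHALLENGE) + len(SERVER_NAME),
                      EAP_TYPE_MD5_CHALLENGE, len(CHALLENGE)) + CHALLENGE + SERVER_NAME

def client_round(password: bytes = b"constructed-password", sk_pi: bytes = bytes(20)):
    """Client side: answer the challenge, then compute AUTH once EAP-Success arrives."""
    ident, challenge, _name = parse_md5_challenge_request(REQUEST)
    response = md5_challenge_response(ident, password, challenge)
    auth = initiator_auth_non_key_generating_eap(
        sk_pi, b"<IKE_SA_INIT request bytes>", b"<Nr>", b"<IDi payload after header>")
    return response, auth
```

Changing the password changes only the EAP response; changing SK_pi changes only the AUTH payload, which is what binds the EAP result to this particular IKE SA.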
