Skip to main content

The Compound Authentication Binding Problem

Document Type Expired Internet-Draft (individual)
Expired & archived
Author Jose Puthenkulam
Last updated 2003-10-27
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


There are several motivations for using compound authentication methods using tunnels, but man-in-the-middle attacks have been found in these protocols under certain circumstances. They occur when the inner methods used inside a tunnel method are also used outside it, without cryptographically binding the methods together. At the time of writing this document, several protocols being proposed within the IETF were vulnerable to these attacks, including IKE with XAUTH, PIC, PANA over TLS, EAP TTLS and PEAP. This document studies the problems and suggests potential solutions to mitigate them. We also provide a reference solution for an EAP tunneling protocol like PEAP.


Jose Puthenkulam

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)