Extensible Authentication Protocol (EAP) Password Authenticated Exchange
RFC 4746
Document Type RFC - Informational (November 2006; Errata)
Was draft-clancy-eap-pax (individual in sec area)
Authors Charles Clancy  , William Arbaugh 
Last updated 2020-01-21
Stream Internent Engineering Task Force (IETF)
Formats plain text html pdf htmlized (tools) htmlized with errata bibtex
Reviews
SECDIR Early Review
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 4746 (Informational)
Action Holders
(None)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Russ Housley
Send notices to (None)
Email authors IPR References Referenced by Nits 
Network Working Group                                          T. Clancy
Request for Comments: 4746                                           LTS
Category: Informational                                       W. Arbaugh
                                                                     UMD
                                                           November 2006

               Extensible Authentication Protocol (EAP)
                    Password Authenticated Exchange

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2006).

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document defines an Extensible Authentication Protocol (EAP)
   method called EAP-PAX (Password Authenticated eXchange).  This method
   is a lightweight shared-key authentication protocol with optional
   support for key provisioning, key management, identity protection,
   and authenticated data exchange.

Table of Contents

   1. Introduction ....................................................2
      1.1. Language Requirements ......................................3
      1.2. Terminology ................................................3
   2. Overview ........................................................5
      2.1. PAX_STD Protocol ...........................................6
      2.2. PAX_SEC Protocol ...........................................7
      2.3. Authenticated Data Exchange ................................9
      2.4. Key Derivation ............................................10
      2.5. Verification Requirements .................................11
      2.6. PAX Key Derivation Function ...............................12
   3. Protocol Specification .........................................13
      3.1. Header Specification ......................................13
           3.1.1. Op-Code ............................................13
           3.1.2. Flags ..............................................14

Clancy & Arbaugh             Informational                      [Page 1]
RFC 4746                        EAP-PAX                    November 2006

           3.1.3. MAC ID .............................................14
           3.1.4. DH Group ID ........................................14
           3.1.5. Public Key ID ......................................15
           3.1.6. Mandatory to Implement .............................15
      3.2. Payload Formatting ........................................16
      3.3. Authenticated Data Exchange (ADE) .........................18
      3.4. Integrity Check Value (ICV) ...............................19
   4. Security Considerations ........................................19
      4.1. Server Certificates .......................................20
      4.2. Server Security ...........................................20
      4.3. EAP Security Claims .......................................21
           4.3.1. Protected Ciphersuite Negotiation ..................21
           4.3.2. Mutual Authentication ..............................21
           4.3.3. Integrity Protection ...............................21
           4.3.4. Replay Protection ..................................21
           4.3.5. Confidentiality ....................................21
           4.3.6. Key Derivation .....................................21
           4.3.7. Key Strength .......................................22
           4.3.8. Dictionary Attack Resistance .......................22
           4.3.9. Fast Reconnect .....................................22
           4.3.10. Session Independence ..............................22
           4.3.11. Fragmentation .....................................23
           4.3.12. Channel Binding ...................................23
           4.3.13. Cryptographic Binding .............................23
           4.3.14. Negotiation Attack Prevention .....................23
   5. IANA Considerations ............................................23
   6. Acknowledgments ................................................24
   7. References .....................................................24
      7.1. Normative References ......................................24
      7.2. Informative References ....................................25
   Appendix A. Key Generation from Passwords ........................ 27
   Appendix B. Implementation Suggestions ........................... 27
     B.1. WiFi Enterprise Network ................................... 27
     B.2. Mobile Phone Network ...................................... 28

1.  Introduction

   EAP-PAX (Password Authenticated eXchange) is an Extensible
   Authentication Protocol (EAP) method [RFC3748] designed for
   authentication using a shared key.  It makes use of two separate
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools