CWSP- EAP FAST

Tags

,

EAP-FAST (Flexible Authentication via Secure Tunneling) initially developed by Cisco. Later in 2007, IETF ratified this in RFC 4851. Cisco developed this as replacement for LEAP. EAP-FAST provide both mutual authentication & tunnelled authentication without using standard based X.509 digital certificate to create TLS tunnels, instead use PACs (Protected Access Credentials)

A PAC can consist of 3 components
1. Shared Secret – PAC key
2. Opaque Element – PAC-Opaque
3. Other Information – PAC Info

Below shows the EAP-FAST process diagram (page 155-CWSP Official Study Guide) which consist of 3 phases.

1. Phase 0 – Used for automatic PAC provisioning.
2. Phase 1 – Supplicant send outer identity. AS & Supplicant negotiate using symmetric key from PAC shared secret. Result of this phase is TLS tunnel.
3. Phase 2 – Supplicant validated within TLS tunnel. It supports several inner authentication methods, commonly use EAP-GTC when username & password used as client identity info.

EAP-FAST-20Here is a EAP-FAST authentication frame capture (Supplicant MAC 00:1b:d4:58:e6:1a)

EAP-FAST-01EAP-FAST Phase-1 process start with Authenticator sends an “Identity Request” frame to supplicant (step 4a).EAP-FAST-02Then supplicant respond with “Identity Response” with outer identity detail in cleartext (step 4b). In here Supplicant use “anonymous” as Identity which is not real username.EAP-FAST-03Then Authenticating Server send the EAP-FAST start message. (step 6). Note that EAP type is 43 which is EAP-FAST.EAP-FAST-3.5Below diagram(source) shows the details packet flow of rest of phase 1 (step 7 & 8 of process diagram).

EAP-FAST-19Then supplicant start sending client PAC (Protected Access Credential) information starting with Client Hello.

EAP-FAST-04Then AS will send “Server Hello” to Supplicant.
EAP-FAST-05Then Supplicant send “Change Cipher Spec” frame to AS to complete the TLS tunnels establishment part (step 8).EAP-FAST-06That point onwards all EAP frame exchange will be TLS encrypted. Phase 2 start with Identity Request & Identity Response where real username is send inside TLS tunnel.  Here are those 2 frames.

EAP-FAST-08EAP-FAST-09Then two more EAP-Request & Response frame exchange in optional PAC refresh.
EAP-FAST-10EAP-FAST-11EAP-FAST phase 2 is ends with Successful result communicate to Supplicant & Supplicant send ACK for within TLS tunnel. Here are those two frames in my capture.EAP-FAST-12EAP-FAST-13Once the above frame exchanged, TLS tunnel torn down & RADIUS Accept is coming from AS. Then Authenticator will pass it to Supplicant as normal EAP-Success frame (step 13)EAP-FAST-14Then 4-Way Handshake takes place (step 14-17).

Note that when using Automatic PAC provisioning, it is subject to man in the middle attack where supplicant simply trust anyone who provide PAC. If you install PAC manually on client side you can overcome this, but it becomes administrative burden.

Reference
1. EAP-FAST-7921 sample packet capture.
2. CWSP Official Study Guide – Chapter 4

Related Posts

1. CWSP- EAP Basics
2. CWSP- EAP PEAP
3. CWSP- EAP LEAP
4. CWSP- EAP TLS
5. CWSP- EAP TTLS
6. CWSP- EAP MD5

 

 

Follow

Get every new post delivered to your Inbox.

Join 258 other followers