Chico CSCI 693 - Protected Extensible Authentication Protocol


Table of Contents

1 Introduction
  1.1 Glossary
  1.2 References
    1.2.1 Normative References
    1.2.2 Informative References
  1.3 Protocol Overview (Synopsis)
  1.4 Relationship to Other Protocols
  1.5 Prerequisites/Preconditions
  1.6 Applicability Statement
  1.7 Versioning and Capability Negotiation
  1.8 Vendor-Extensible Fields
  1.9 Standards Assignments
2 Messages
  2.1 Transport
  2.2 Message Syntax
    2.2.1 EAP Packet
    2.2.2 PEAP Packet
    2.2.3 TLV
    2.2.4 Vendor-Specific TLV
    2.2.5 EAP Expanded Types
    2.2.6 EAP Extensions Methods
      2.2.6.1 EAP TLV Extensions Method
        2.2.6.1.1 Cryptobinding TLV
        2.2.6.1.2 Result TLV
        2.2.6.1.3 SoH Response TLV
      2.2.6.2 SoH EAP Extensions Method
        2.2.6.2.1 SoH Request TLV
        2.2.6.2.2 SoH TLV
3 Protocol Details
  3.1 Common Details
    3.1.1 Abstract Data Model
    3.1.2 Timers
    3.1.3 Initialization
    3.1.4 Higher-Layer Triggered Events
    3.1.5 Message Processing Events and Sequencing Rules
      3.1.5.1 Status and Error Handling
      3.1.5.2 PEAP Packet Processing
      3.1.5.3 Version Negotiation
      3.1.5.4 Phase 1 (TLS Tunnel Establishment)
      3.1.5.5 SoH Transmission
      3.1.5.6 Cryptobinding
        3.1.5.6.1 Input Data Used in the Cryptobinding HMAC-SHA1-160 Operation
        3.1.5.6.2 Key Used in the Cryptobinding HMAC-SHA1-160 Operation
          3.1.5.6.2.1 PEAP Tunnel Key (TK)
          3.1.5.6.2.2 Intermediate PEAP MAC Key (IPMK) and Compound MAC Key (CMK)
      3.1.5.7 Phase 2 (EAP Encapsulation)
    3.1.6 Key Management
    3.1.7 Timer Events
    3.1.8 Other Local Events
  3.2 Peer Details
    3.2.1 Abstract Data Model
    3.2.2 Timers
    3.2.3 Initialization
    3.2.4 Higher-Layer Triggered Events
    3.2.5 Message Processing Events and Sequencing Rules
      3.2.5.1 Status and Error Handling
      3.2.5.2 EAP Packet Processing
      3.2.5.3 Phase 1 (TLS Tunnel Establishment)
      3.2.5.4 SoH Request Processing
      3.2.5.5 SoH Response Processing
      3.2.5.6 EAP Peer Cryptobinding Processing
      3.2.5.7 Phase 2 (EAP Encapsulation)
    3.2.6 Key Management
    3.2.7 Timer Events
    3.2.8 Other Local Events
  3.3 EAP Server Details
    3.3.1 Abstract Data Model
    3.3.2 Timers
    3.3.3 Initialization
    3.3.4 Higher-Layer Triggered Events
    3.3.5 Message Processing Events and Sequencing Rules
      3.3.5.1 Status and Error Handling
      3.3.5.2 EAP Packet Processing
      3.3.5.3 Phase 1 (TLS Tunnel Establishment)
      3.3.5.4 SoH Processing
      3.3.5.5 PEAP Server Cryptobinding Processing
      3.3.5.6 Phase 2 (EAP Encapsulation)
    3.3.6 Key Management
    3.3.7 Timer Events
    3.3.8 Other Local Events
4 Protocol Examples
  4.1 Examples with No Support for Cryptobinding and SoH Processing
    4.1.1 Successful PEAP Phase 1 and 2 Negotiation
    4.1.2 Successful PEAP Phase 1 with Failed Phase 2 Negotiation
    4.1.3 Successful PEAP Phase 1 with Fast Reconnect
  4.2 Cryptobinding and SoH Processing Supported on EAP Server Only
    4.2.1 Successful PEAP Phase 1 and 2 Negotiation
  4.3 Cryptobinding and SoH Processing on EAP Server and EAP Peer
    4.3.1 Successful PEAP Phase 1 and 2 Negotiation
    4.3.2 Successful PEAP Phase 1 with Fast Reconnect
    4.3.3 Fallback to Full Authentication upon a Fast Reconnect Failure
5 Security
  5.1 Security Considerations for Implementers
    5.1.1 Fast Reconnect
    5.1.2 Identity Verification
    5.1.3 Authentication Outcomes
  5.2 Index of Security Parameters
6 Appendix A: Windows Behavior
7 Index

[MS-PEAP] – v20080828 Protected Extensible Authentication Protocol (PEAP) Specification
Copyright © 2008 Microsoft Corporation.
Release: Thursday, August 28, 2008

[MS-PEAP]: Protected Extensible Authentication Protocol (PEAP) Specification

Intellectual Property Rights Notice for Protocol Documentation

• Copyrights. This protocol documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you may make copies of it in order to develop implementations of the protocols, and may distribute portions of it in your implementations of the protocols or your documentation as necessary to properly document the implementation. This permission also applies to any documents that are referenced in the protocol documentation.

• No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation.

• Patents. Microsoft has patents that may cover your implementations of the protocols. Neither this notice nor Microsoft's delivery of the documentation grants any licenses under those or any other Microsoft patents. However, the protocols may be covered by Microsoft’s Open Specification Promise (available here: http://www.microsoft.com/interop/osp). If you would prefer a written license, or if the protocols are not covered by the OSP, patent licenses are available by contacting [email protected].

• Trademarks. The names of companies and products contained in this documentation may be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights.

• Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than specifically described above, whether by implication, estoppel, or otherwise.

• Tools. This protocol documentation is intended for use in conjunction with publicly available standard specifications and network programming art, and assumes that the reader either is familiar with the aforementioned material or has immediate access to it. A protocol specification does not require the use of Microsoft programming tools or programming environments in order for you to develop an implementation. If you have access to Microsoft programming tools and environments you are free to take advantage of them.

Revision Summary

Date        Revision History  Revision Class  Comments
03/14/2007  1.0                               Version 1.0 release
04/10/2007  1.1                               Version 1.1 release
05/18/2007  1.2                               Version 1.2 release
06/08/2007  1.2.1             Editorial       Revised and edited the technical content.
07/10/2007  1.2.2             Editorial       Revised and edited the technical content.
08/17/2007  1.2.3             Editorial       Revised and edited the technical content.
09/21/2007  2.0               Major           Converted to unified format.
10/26/2007  2.0.1             Editorial       Revised and edited the technical content.
01/25/2008  2.0.2             Editorial       Revised and edited the technical content.
03/14/2008  2.1               Minor           Updated the technical content.
06/20/2008  2.1.1             Editorial       Revised and

