In this ATE answer, you indicate that Cisco's EAP FAST makes use of, or requires, server side certificates, but Cisco's Web site says EAP-FAST does not require any server-side certificates. Would you please elaborate on this apparent contradiction?
Good question. EAP-FAST allows for, but does not require, server side certificates.
Cisco's EAP-FAST Internet Draft includes two options for establishing a TLS tunnel through which to conduct phase 2 authentication: one uses server side certificates; the other does not. As described in section 7, EAP-FAST Provisioning, an encrypted unauthenticated tunnel can be established using TLS_DH_anon_WITH_AES_128_CBC_SHA, or an encrypted server authenticated tunnel can be established using TLS_DHE_RSA_WITH_AES_128_CBC_SHA.
Using an RSA-based Diffie-Hellman (DH) exchange in phase 1 authenticates at least the server by certificate during TLS tunnel establishment. Using anonymous Diffie-Hellman skips phase 1 authentication during tunnel establishment, deferring mutual authentication to phase 2. As noted in the draft, "This cipher suite [TLS_DH_anon_WITH_AES_128_CBC_SHA ] is used at the cost of some security strength to enable the minimization of deployment requirements" -- specifically, avoiding server side certificates. Known security risks are further explained in the Internet draft, along with techniques suggested to minimize those risks (e.g., one-time secrets used only for provisioning).
In short, if you find the risk acceptable, you can avoid server certificates entirely by using only preshared secrets. If you don't think that risk is worth the benefit, you can use a server certificate for secure-but-dynamic provisioning of shared secrets. In either case, you can use shared secrets after the first connection for faster mutual authentication based on symmetric instead of public key crypto.
Dig deeper on IP Networking
Related Q&A from Lisa Phifer, Wireless Networking Expert
Wireless expert Lisa A. Phifer explains to what extent WEP cracking remains a worrisome issue. It all depends on your company's WLAN security policy.continue reading
Wireless expert, Lisa Phifer explains that it may not be worth enhancing Wi-Fi ad hoc mode since Wi-Fi Direct is a better alternative for enabling ...continue reading
Wireless expert Lisa Phifer responds to a question regarding a Mi-Fi and Android smartphone mobile hotspot comparison. She provides an in depth ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.