In this ATE answer, you indicate that Cisco's EAP-FAST makes use of, or requires, server-side certificates, but Cisco's Web site says EAP-FAST does not require any server-side certificates. Would you please elaborate on this apparent contradiction?

Good question. EAP-FAST allows for, but does not require, server-side certificates.
Cisco's EAP-FAST Internet Draft includes two options for establishing a TLS tunnel through which to conduct phase 2 authentication: one uses server-side certificates; the other does not. As described in section 7, EAP-FAST Provisioning, an encrypted unauthenticated tunnel can be established using TLS_DH_anon_WITH_AES_128_CBC_SHA, or an encrypted server-authenticated tunnel can be established using TLS_DHE_RSA_WITH_AES_128_CBC_SHA.
Using an RSA-based Diffie-Hellman (DH) exchange in phase 1 authenticates at least the server by certificate during TLS tunnel establishment. Using anonymous Diffie-Hellman skips phase 1 authentication during tunnel establishment, deferring mutual authentication to phase 2. As noted in the draft, "This cipher suite [TLS_DH_anon_WITH_AES_128_CBC_SHA] is used at the cost of some security strength to enable the minimization of deployment requirements" -- specifically, avoiding server-side certificates. Known security risks are further explained in the Internet draft, along with techniques suggested to minimize those risks (e.g., one-time secrets used only for provisioning).
In short, if you find the risk acceptable, you can avoid server certificates entirely by using only preshared secrets. If you don't think that risk is worth the benefit, you can use a server certificate for secure-but-dynamic provisioning of shared secrets. In either case, you can use shared secrets after the first connection for faster mutual authentication based on symmetric instead of public key crypto.
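To make the trade-off in the answer concrete, here is an added illustration (not Cisco's code and not from the EAP-FAST draft) of the two phase 1 tunnel options. It runs a Diffie-Hellman exchange first with nobody's DH value authenticated, as in TLS_DH_anon, and then with the server's DH value authenticated, and drops an active attacker into each. The assumptions are mine: RFC 3526 group 14 for the DH parameters, SHA-256 as the key derivation, and an HMAC under a pre-provisioned secret (PAC_KEY, a constructed value) standing in for the certificate-backed signature that TLS_DHE_RSA would put on the server's DH value, which also models the shared-secret authentication the answer describes for connections after the first. The attacker model is the one the draft's "some security strength" caveat refers to: an adversary who can intercept and replace handshake messages.

```python
"""Anonymous vs. server-authenticated DH tunnel establishment (added example)."""
import hashlib
import hmac
import secrets

# RFC 3526 MODP group 14 (2048-bit safe prime), generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
# Constructed pre-provisioned secret; stands in for the server's certificate key
# (TLS_DHE_RSA) or for a PAC shared secret on later connections.
PAC_KEY = b"constructed-provisioning-secret"


def dh_keypair():
    """Fresh ephemeral DH private value and the public value g^x mod p."""
    priv = secrets.randbelow(P - 3) + 2  # 2 <= priv <= P-2
    return priv, pow(G, priv, P)


def tunnel_key(priv, peer_pub):
    """Derive a 32-byte tunnel key from the DH shared secret."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(256, "big")).digest()


def server_tag(key, server_pub):
    """Authenticator over the server's DH value (HMAC stand-in for an RSA signature)."""
    msg = b"server-dh|" + server_pub.to_bytes(256, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()


def anonymous_handshake(mitm=False):
    """TLS_DH_anon-style exchange: neither side's DH value is authenticated."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    if not mitm:
        return {"client_key": tunnel_key(c_priv, s_pub),
                "server_key": tunnel_key(s_priv, c_pub),
                "attacker_has_keys": False}
    # Active attacker replaces each side's public value with its own.
    m_priv, m_pub = dh_keypair()
    client_key = tunnel_key(c_priv, m_pub)   # client believes m_pub is the server
    server_key = tunnel_key(s_priv, m_pub)   # server believes m_pub is the client
    attacker_client_side = tunnel_key(m_priv, c_pub)
    attacker_server_side = tunnel_key(m_priv, s_pub)
    # The attacker holds both tunnel keys and can relay, read and alter phase 2.
    return {"client_key": client_key, "server_key": server_key,
            "attacker_has_keys": (attacker_client_side == client_key
                                  and attacker_server_side == server_key)}


def authenticated_handshake(key, mitm=False):
    """Server-authenticated exchange: client checks the tag on the server's DH value."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    presented_pub, presented_tag = s_pub, server_tag(key, s_pub)
    if mitm:
        # Attacker swaps in its own value but cannot produce a tag for it.
        _, presented_pub = dh_keypair()
    if not hmac.compare_digest(presented_tag, server_tag(key, presented_pub)):
        return {"accepted": False}  # client aborts before any tunnel key exists
    return {"accepted": True,
            "client_key": tunnel_key(c_priv, presented_pub),
            "server_key": tunnel_key(s_priv, c_pub)}


if __name__ == "__main__":
    r = anonymous_handshake(mitm=True)
    print("anon + MITM: keys match:", r["client_key"] == r["server_key"],
          "attacker has both keys:", r["attacker_has_keys"])
    r = authenticated_handshake(PAC_KEY, mitm=True)
    print("authenticated + MITM: accepted:", r["accepted"])
```

The authenticated path only verifies the server, matching the answer's "at least the server"; the client is still proven in phase 2. In the anonymous path the tunnel is confidential against a passive listener but not against the relaying attacker, which is why the draft pairs it with one-time provisioning secrets rather than long-lived credentials.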
Related Q&A from Lisa Phifer