On Sep 20, 2018, at 10:26 AM, Hans-Christian Esperer <hc@hcesperer.org> wrote:
Not a lot. They're both based on EAP-TLS, so they share that security.
Okay, thank you. I know this is not related to this thread anymore, but could you elaborate a bit on the "Not a lot"?
They can both carry MS-CHAP inside of the TLS tunnel. Only TTLS can do PAP or CHAP, or other EAP methods. PEAP can do EAP-GTC, which is sort of PAP if you look hard enough. Both can do client certificates, tho Windows doesn't support it.
Another question, while we're at it: I just read about WPA3 and realized that WPA2-PSK does not offer forward secrecy. AFAICT EAP-TLS, TTLS and PEAP *do* provide forward secrecy, as long as the TLS handshake establishes a session key via diffie hellman. Correct?
Now I wonder whether EAP-PWD, which uses a PSK per user, also provides forward secrecy? My assumption is that it doesn't.
Forward secrecy depends on the cipher suite you select. So "it all depends" is the best answer. Alan DeKok.