AES-GCM
Phil Mayers
p.mayers at imperial.ac.uk
Fri May 24 13:21:47 CEST 2013
On 24/05/13 11:44, Pieter Hulshoff wrote:
> Hello all,
>
> Does FreeRADIUS support AES-GCM in EAP-TLS? I couldn't find the term in the
> documentation, the wiki or the mailinglist archives, but perhaps I'm looking
> in the wrong place?
Typically this is down the TLS libraries; it's not usually the case that
the application needs to do anything.
That said, EAP-TLS is typically TLS 1.0. AIUI, AEAD ciphers require TLS
1.2 - see section 4 of RFC 5288. But again, FreeRADIUS doesn't involve
itself in this level of detail - that's an aspect of the TLS library
(OpenSSL) we use, and whatever the EAP-TLS client is using.
Note also that EAP-TLS (unlike other TLS-based EAP methods, such as PEAP
or TTLS) never actually sends any data over the TLS session;
essentially, it consists solely of the handshake. In TLS terms, EAP-TLS
never sends any TLS records of type=23 (application data). So, the
negotiated cipher is not used for very much.
PEAP and TTLS have "inner" EAP exchanges, that are protected with the
TLS session, and sent as TLS type=23 records.
Slightly OT, there seems to be some degree of uncertainty about GCM in
general, and whether it's a sensible cipher mode - for example, see
http://www.imperialviolet.org/2013/01/13/rwc03.html
More information about the Freeradius-Users
mailing list