EAP-pwd and NT-Password

Brian Candler b.candler at pobox.com
Thu Oct 6 17:39:46 CEST 2016

I am looking at testing EAP-pwd [^1] as an alternative to PEAP for 
wireless authentication.

The documentation in FreeRADIUS is unclear as to what authorization 
attributes are required, but digging into the source it appears to be a 
cleartext password:

                 pw = fr_pair_find_by_num(fake->control, 0, 
                 if (!pw) {
                         REDEBUG("Failed to find password for %s to do pwd authentication", session->peer_id);
                         return RLM_MODULE_REJECT;

Now, RFC 5931 offers three options, and one of them is to use the 
MSCHAPv2 password hash:

"   o   RFC 2759: The input password string SHALL be processed to produce
        the output PasswordHashHash, as defined in [RFC2759]


    The Prep field represents the password pre-processing technique (see
    Section 2.7.2) to be used by the client prior to generating the
    password seed (see Section 2.8.3).  This document defines the
    following values for the Prep field:

    o   0x00 : None

    o   0x01 : RFC2759

    o   0x02 : SASLprep"

This would be *really* convenient, as then I could use the 
control:NT-Password that I already use for PEAP. (The user database is 
FreeIPA and doesn't store cleartext passwords, but does have the NT hash.)

I see the "prep" field and constant definitions are in the source, e.g. 
EAP_PWD_PREP_MS, but the code appears to be fixed to EAP_PWD_PREP_NONE 
at the moment.

Is this something which has already been considered?


Brian Candler.

[^1] It seems that EAP-pwd and EAP-EKE have the same goal, of doing 
strong mutual authentication with a password. I haven't been able to 
find any comparison of the strengths and weaknesses of these protocols. 
But EAP-pwd has the advantage of being deployable: it's supported by 
Android and by FreeRADIUS.

