PEAP vs. TTLS and forward secrecy (was: Re: WPA2 Client Authentication using Radius and remote LDAP server)
hc at hcesperer.org
Thu Sep 20 16:26:55 CEST 2018
On Thu, Sep 20, 2018 at 06:43:29AM -0400, Alan DeKok wrote:
> On Sep 20, 2018, at 2:15 AM, Hans-Christian Esperer <hc at hcesperer.org> wrote:
> > Is there any advantage of TTLS over PEAP security wise?
> Not a lot. They're both based on EAP-TLS, so they share that security.
Okay, thank you. I know this is not related to this thread anymore, but could
you elaborate a bit on the "Not a lot"?
Another question, while we're at it: I just read about WPA3 and realized that
WPA2-PSK does not offer forward secrecy. AFAICT EAP-TLS, TTLS and PEAP *do*
provide forward secrecy, as long as the TLS handshake establishes a session key
via diffie hellman. Correct?
Now I wonder whether EAP-PWD, which uses a PSK per user, also provides forward
secrecy? My assumption is that it doesn't.
More information about the Freeradius-Users