PEAP vs. TTLS and forward secrecy (was: Re: WPA2 Client Authentication using Radius and remote LDAP server)

Hans-Christian Esperer hc at
Thu Sep 20 16:26:55 CEST 2018


On Thu, Sep 20, 2018 at 06:43:29AM -0400, Alan DeKok wrote:
> On Sep 20, 2018, at 2:15 AM, Hans-Christian Esperer <hc at> wrote:
> > Is there any advantage of TTLS over PEAP security wise?
>   Not a lot.  They're both based on EAP-TLS, so they share that security.

Okay, thank you. I know this is not related to this thread anymore, but could
you elaborate a bit on the "Not a lot"?

Another question, while we're at it: I just read about WPA3 and realized that
WPA2-PSK does not offer forward secrecy. AFAICT EAP-TLS, TTLS and PEAP *do*
provide forward secrecy, as long as the TLS handshake establishes a session key
via diffie hellman. Correct?

Now I wonder whether EAP-PWD, which uses a PSK per user, also provides forward
secrecy? My assumption is that it doesn't.


More information about the Freeradius-Users mailing list