Description
The Extensible Authentication Protocol (EAP) is a widely used three-party authentication framework that allows a client to connect to a wireless access point it does not share a secret with, using a mutually trusted server. EAP is often found in enterprise networks or large organizations to provide central key-management and user authentication; one prime example being the eduroam network.<br/> In this talk I'll present a provable-security analysis of the EAP framework. Additionally, I will also cover the cryptographic handshake used within the wireless IEEE 802.11 protocol (Wi-Fi), which is very often used in combination with EAP (then usually referred to as WPA2-Enterprise).