Journal of the Indian Institute of Science

The EAP-TLS is a de-facto authentication protocol in 802.11i system. This protocol provides digital certificatebased mutual authentication. The protocol performs secure password-based client/supplicant authentication instead of certificate-based authentication. This paper illustrates the modifications on EAP-TLS protocol to achieve secure password-based user/client authentication, achieving the goal of EAP-TTLS without forming a logical tunnel between a supplicant and authentication server. A comparison between the proposed technology and EAPTTLS brings out the performance enhancements possible with this technology. The proposed system supports an optional mutual password-based authentication during session resumption.

EAP; TLS; TTLS; AVP; PRF; MD5; SHA; PMK; MAC; RADIUS