Slide 35
Slide 35 text
WPA Enterprise
ೝূํࣜ આ໌ αʔόೝূ ΫϥΠΞϯτೝূ
MD5 CHAP ͳ͠ CHAPʹΑΔUser/Passೝূ
LEAP
CISCOಠࣗɹνϟϨϯδํࣜ
༷ඇެ։
੬ऑੑ͋Γʢ͍͚ͬͯͳ͍ʣ
νϟϨϯδํࣜ νϟϨϯδํࣜ
PEAP
CISCO, MS, RSA SecurityʹΑΔTTLSํࣜ
v0, (v1, v2)͕ଘࡏ͢Δ͕ɺެࣜඪ४༷ॻଘࡏ͠ͳ͍
ূ໌ॻʹΑΔೝূ
EAP (ͦͷதͷԿΛ༻͢Δ͔ఆ
Ί͍ͯͳ͍ɻσϑΝΫτͱͯ͠
v0͔ͭMSCHAPv2)
FAST
RFC4851
(΄΅CISCOಠࣗ)
αʔόূ໌ॻͳ͠ʹTTLSΛ࣮ݱ͢ΔLEAPͷൃలܥن֨ɻͨͩ͠ɺ
ূ໌ॻ༻Λڧ͘ਪ͍ͯ͠ΔͨΊଘࡏҙ͕ٛෆ໌ɻ
νϟϨϯδํࣜ
( MSCHAPv2 )
νϟϨϯδํࣜ
( MSCHAPv2 )
TTLS RFC5281(2008)
αʔόূ໌ॻʹΑΔ҉߸τϯωϧͰΫϥΠΞϯτೝূΛߦ͏
ূ໌ॻʹΑΔೝূ
PAP, CHAP, MSCHAP,
MSCHAPv2, EAP
TLS RFC5216(2008) ূ໌ॻʹΑΔೝূ ূ໌ॻʹΑΔೝূ
ͦͷଞͷEAPϓϩτίϧ
0 Reserved 12 KEA-VALIDATE 24 EAP-3Com Wireless 36 Cogent Systems Biometrics Authentication EAP 48 EAP-SAKE
1 Identity 13 EAP-TLS 25 PEAP 37 AirFortress EAP 49 EAP-IKEv2
2 Notification 14 Defender Token (AXENT) 26 MS-EAP-Authentication 38 EAP-HTTP Digest 50 EAP-AKA'
3 Legacy Nak 15 RSA Security SecurID EAP 27 Mutual Authentication w/Key Exchange (MAKE) 39 SecureSuite EAP 51 EAP-GPSK
4 MD5-Challenge 16 Arcot Systems EAP 28 CRYPTOCard 40 DeviceConnect EAP 52 EAP-pwd
5 One-Time Password (OTP) 17 EAP-Cisco Wireless (LEAP) 29 EAP-MSCHAP-V2 41 EAP-SPEKE 53 EAP-EKE Version 1
6 Generic Token Card (GTC) 18 GSM Subscriber Identity Modules (EAP-SIM) 30 DynamID 42 EAP-MOBAC 54 EAP Method Type for PT-EAP
7 Allocated 19 SRP-SHA1 31 Rob EAP 43 EAP-FAST 55 TEAP
8 Allocated 20 Unassigned 32 Protected One-Time Password (POTP) 44 ZoneLabs EAP (ZLXEAP) 56-191 Unassigned
9 RSA Public Key Authentication 21 EAP-TTLS 33 MS-Authentication-TLV 45 EAP-Link 192-253 Unassigned
10 DSS Unilateral 22 Remote Access Service 34 SentriNET 46 EAP-PAX 254 Reserved for the Expanded Type
11 KEA 23 EAP-AKA Authentication 35 EAP-Actiontec Wireless 47 EAP-PSK 255 Experimental