VISVESVARAYA TECHNOLOGICAL UNIVERSITY

BELGAUM-590014

A SEMINAR REPORT ON
“EAP (Extensible Authentication Protocol)”

Submitted in partial fulfillment of the requirement for the award of

BACHELOR OF ENGINEERING IN

INFORMATION SCIENCE AND ENGINEERING

BY
POOJA RAVI (4VV06IS037)

Under the guidance of

Mr. Mahanth J H
Lecturer dept IS&E

THE DEPARTMENT OF INFORMATION SCIENCE AND ENGINEERING

VIDYA VARDHAKA COLLEGE OF ENGINEERING
GOKULAM III stage
MYSORE 570002
 THE DEPARTMENT OF INFORMATION SCIENCE AND

ENGINEERING

VIDYA VARDHAKA COLLEGE OF ENGINEERING

MYSORE

(Affiliated to Visvesvaraya Technological University, Belgaum)

CERTIFICATE

This is to certify that the seminar work entitled “EAP (Extensible

Authentication Protocol)” is a bonafide work carried out by POOJA
RAVI [4VV06IS037] in the partial fulfillment of the 8th semester,
Information Science and Engineering of the Visvesvaraya Technological
University, Belgaum during the academic year 2010.The seminar report has
been approved as it satisfies the academic requirements of the seminar work
prescribed by the University.

Guide H.O.D

Mr. Mahanth J H Sri Ravikumar V

Lecturer Asst Prof & HOD
IS&E, VVCE IS&E, VVCE
MYSORE MYSORE
 ACKNOWLEDGEMENT

The satisfaction that accompanies the successful completion of any task would be
incomplete without mention of the people, who made it possible, whose constant guidance
and encouragement crowned our efforts with success. I take this opportunity to express my
deepest gratitude and appreciation to all those who have helped me directly towards the
successful completion of this seminar.

I am grateful to Dr D Ramegowda, Principal, Vidya Vardhaka College of

Engineering, Mysore for his continual support throughout the course

I consider it a privilege to express my heartfelt gratitude and respect to

Mr. Ravikumar V, Asst.Professor & Head, Department of Information Science and
Engineering, V.V.C.E, Mysore, whose constant guidance and encouragement crowned my
efforts with success.

I would take this opportunity to express my sincere thanks to Internal Guide,

Mr.Mahanth.J.H for warm support and guidance throughout this seminar.

I would like to thank all my lecturers and friends from V.V.C.E. Mysore, for
their support and encouragement for seminar.

I would like to thank my family, for their encouragement throughout my life and the
post-graduate study.

Once again I convey my acknowledgement to all people directly or indirectly

associated with me and completion of seminar. I thank one and all.

POOJA RAVI
 ABSTRACT

Communication is an inseparable part of social life. Written, Oral, or Signed; there are
many ways of communication. Now machines play a greater role in the establishment of
communication between two units. When we communicate we do so according to some
rules. For example, both should understand a common language may be a rule for
starters. But machines on the other hand need a complex set of rules as they have no
intelligence and to secure our communiqué is our responsibility. So we have developed a
number of methods and rules in order to protect our privacy. These rules are clubbed
together as “Protocols”. This documentation presents one such set of protocols that are
used to confirm the identity of a person so that he can communicate with others without
any obstruction and prevent any one else trying to pry or eavesdrop in an ongoing
communication. These protocols are called Extensible Authentication Protocols. They
identify a user and his requirements as he tries to connect to the network. Then the server
gets the authentication for what are the resources and methods he is entitled to use.

On completion of this process the channel being requested is secured and becomes ready
to use. Once the communication starts the work of the protocol is limited to keep the
channel protected. Thus EAP ensures the privacy and security of a connection for
individual users.
 TABLE OF CONTENTS

1. Introduction…………………………………………………………………1

2. PPPEAP…………………………………………………………………….2

2.1 Configuration Option Format………………………………………..3

2.2 Packet Format………………………………………………………..3

2.3 Request and Response……………………………………………….4

2.4 Success and Failure…………………………………………………..6

3. Initial EAP Request/Response Types……………………………………...8

3.1 Identity……………………………………………………………....9

3.2 Notification…………………………………………………………..9

3.3 Nak………………………………………………………………….10

3.4 MD-5 Challenge……………………………………………………..11

3.5 One Time Password………………………………………………....12

3.6 Generic Token Card………………………………………………....12

4. Security Considerations…………………………………………………....13

5. The Variants of EAP…………………………………………………….....14

5.1 LEAP………………………………………………………………...14

5.2 EAP TLS……………………………………………………………..15

5.3 EAP TTLS…………………………………………………………....16

5.4 EAP IKE v2…………………………………………………………..16

5.5 PEAP………………………………………………………………....17

6. Advantages and Disadvantages………………………………………….....18

Conclusion

Reference