Implementation of EAP-TTLS for network access authentication based on diameter EAP application

Yuki Atsuya, Souheil Ben Ayed, Fumio Teraoka

Research output: Contribution to journalArticle

Abstract

Diameter Base Protocol is a protocol for AAA (Authentication, Authorization, and Accounting), which was designed as a successor of RADIUS. For specific AAA purposes, several Diameter Applications are defined on Diameter Base Protocol. Diameter EAP Application is one of Diameter Applications that aims at network access control. EAP (Extensible Authentication Protocol) is a generic authentication protocol that supports several authentication methods called EAP methods. EAP-TTLS is one of EAP methods. EAP-TTLS is a superior authentication method that achieves strong security and is easy to deploy. This paper implements the first open source of EAP-TTLS server that runs on Diameter EAP Application. Our implementation supports four main authentication methods (PAP, CHAP, MS-CHAP, and MS-CHAPv2). As a result of working test, it was made sure that our EAP-TTLS server could authenticate several terminals using Windows, Linux, iOS (iPad), and Android. The measurement results show that the authentication time is short enough for practical operation. In addition, this paper describes the details how to implement EAP-TTLS on Diameter EAP Application as one of EAP methods. It also describes the details how to implement authentication methods in EAP-TTLS server. One of the purposes of this paper is that this paper becomes a guide for those who implement another EAP method on Diameter EAP application and those who implement another authentication method on EAP-TTLS.

Original languageEnglish
Pages (from-to)130-145
Number of pages16
JournalComputer Software
Volume29
Issue number4
Publication statusPublished - 2012 Nov

Fingerprint

Authentication
Network protocols
Servers
Computer terminals

ASJC Scopus subject areas

  • Software

Cite this

Implementation of EAP-TTLS for network access authentication based on diameter EAP application. / Atsuya, Yuki; Ayed, Souheil Ben; Teraoka, Fumio.

In: Computer Software, Vol. 29, No. 4, 11.2012, p. 130-145.

Research output: Contribution to journalArticle

@article{a36bed4e8c194b408c9e34ea504ae220,
title = "Implementation of EAP-TTLS for network access authentication based on diameter EAP application",
abstract = "Diameter Base Protocol is a protocol for AAA (Authentication, Authorization, and Accounting), which was designed as a successor of RADIUS. For specific AAA purposes, several Diameter Applications are defined on Diameter Base Protocol. Diameter EAP Application is one of Diameter Applications that aims at network access control. EAP (Extensible Authentication Protocol) is a generic authentication protocol that supports several authentication methods called EAP methods. EAP-TTLS is one of EAP methods. EAP-TTLS is a superior authentication method that achieves strong security and is easy to deploy. This paper implements the first open source of EAP-TTLS server that runs on Diameter EAP Application. Our implementation supports four main authentication methods (PAP, CHAP, MS-CHAP, and MS-CHAPv2). As a result of working test, it was made sure that our EAP-TTLS server could authenticate several terminals using Windows, Linux, iOS (iPad), and Android. The measurement results show that the authentication time is short enough for practical operation. In addition, this paper describes the details how to implement EAP-TTLS on Diameter EAP Application as one of EAP methods. It also describes the details how to implement authentication methods in EAP-TTLS server. One of the purposes of this paper is that this paper becomes a guide for those who implement another EAP method on Diameter EAP application and those who implement another authentication method on EAP-TTLS.",
author = "Yuki Atsuya and Ayed, {Souheil Ben} and Fumio Teraoka",
year = "2012",
month = "11",
language = "English",
volume = "29",
pages = "130--145",
journal = "Computer Software",
issn = "0289-6540",
publisher = "Japan Society for Software Science and Technology",
number = "4",

}

TY - JOUR

T1 - Implementation of EAP-TTLS for network access authentication based on diameter EAP application

AU - Atsuya, Yuki

AU - Ayed, Souheil Ben

AU - Teraoka, Fumio

PY - 2012/11

Y1 - 2012/11

N2 - Diameter Base Protocol is a protocol for AAA (Authentication, Authorization, and Accounting), which was designed as a successor of RADIUS. For specific AAA purposes, several Diameter Applications are defined on Diameter Base Protocol. Diameter EAP Application is one of Diameter Applications that aims at network access control. EAP (Extensible Authentication Protocol) is a generic authentication protocol that supports several authentication methods called EAP methods. EAP-TTLS is one of EAP methods. EAP-TTLS is a superior authentication method that achieves strong security and is easy to deploy. This paper implements the first open source of EAP-TTLS server that runs on Diameter EAP Application. Our implementation supports four main authentication methods (PAP, CHAP, MS-CHAP, and MS-CHAPv2). As a result of working test, it was made sure that our EAP-TTLS server could authenticate several terminals using Windows, Linux, iOS (iPad), and Android. The measurement results show that the authentication time is short enough for practical operation. In addition, this paper describes the details how to implement EAP-TTLS on Diameter EAP Application as one of EAP methods. It also describes the details how to implement authentication methods in EAP-TTLS server. One of the purposes of this paper is that this paper becomes a guide for those who implement another EAP method on Diameter EAP application and those who implement another authentication method on EAP-TTLS.

AB - Diameter Base Protocol is a protocol for AAA (Authentication, Authorization, and Accounting), which was designed as a successor of RADIUS. For specific AAA purposes, several Diameter Applications are defined on Diameter Base Protocol. Diameter EAP Application is one of Diameter Applications that aims at network access control. EAP (Extensible Authentication Protocol) is a generic authentication protocol that supports several authentication methods called EAP methods. EAP-TTLS is one of EAP methods. EAP-TTLS is a superior authentication method that achieves strong security and is easy to deploy. This paper implements the first open source of EAP-TTLS server that runs on Diameter EAP Application. Our implementation supports four main authentication methods (PAP, CHAP, MS-CHAP, and MS-CHAPv2). As a result of working test, it was made sure that our EAP-TTLS server could authenticate several terminals using Windows, Linux, iOS (iPad), and Android. The measurement results show that the authentication time is short enough for practical operation. In addition, this paper describes the details how to implement EAP-TTLS on Diameter EAP Application as one of EAP methods. It also describes the details how to implement authentication methods in EAP-TTLS server. One of the purposes of this paper is that this paper becomes a guide for those who implement another EAP method on Diameter EAP application and those who implement another authentication method on EAP-TTLS.

UR - http://www.scopus.com/inward/record.url?scp=84876181103&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84876181103&partnerID=8YFLogxK

M3 - Article

VL - 29

SP - 130

EP - 145

JO - Computer Software

JF - Computer Software

SN - 0289-6540

IS - 4

ER -