EAPOL (Extensible Authentication Protocol over LAN)

ReneMolenaar · November 13, 2023, 12:27pm

This topic is to discuss the following lesson:

ckress · December 5, 2023, 10:38pm

Doing some more research on this. Is this process described here for the wired EAPOL “handshake”. Is there different 4 way handshake used for wireless that uses PMK and GMK keys? Appreciate all the work you guys do!

-Chase

lagapidis · December 7, 2023, 6:34am

Hello Chase

EAPOL and the WPA 4-way handshake are both important components in network security, especially in authentication processes. In the lesson, EAPOL is described in the context of wired network security, and in particular, with 802.1X authentication. It’s a part of the IEEE 802.1X standard for port-based Network Access Control (NAC).

In this context, EAPOL and WPA 4-way handshake are quite different in their use and processes. Their key differences are listed below:

Network Type: EAPOL is mainly used in wired networks, while the 4-way handshake is specific to wireless networks.
Scope: EAPOL is focused on the authentication phase and supports a variety of authentication methods, whereas the 4-way handshake is specifically for establishing encryption keys in WPA/WPA2 wireless networks.
Key Management: The 4-way handshake directly involves key management for securing data traffic, while EAPOL is more about facilitating authentication and does not deal directly with key management for data encryption.

Now having said that, EAPOL can be used in wireless networks, and in particular, in the context of WPA 4-way handshake. In such a case, EAPOL becomes part of the 4-way handshake process, which is important for key management. Here, it helps in transporting the key material and signaling actions for key management.

So EAPOL is quite versatile as it can play a role in both wired and wireless network environments but with different focuses. In wired networks, its role is predominantly in authentication, while in wireless networks, it extends to key management as part of the WPA/WPA2 protocols.
As far as the use of PMK and GTK in wireless networks, EAPOL is involved in the key management process by facilitating the secure exchange of MPK, PTK, and GTK keys.

I hope this has been helpful!

Laz

ReneMolenaar · December 7, 2023, 12:14pm

@ckress I’m writing an explanation of the WPA 4-way handshake today, which should be finished in a couple of days. I’ll add a link here once it’s finished.

Understanding the WPA keys is a prerequisite. I published this yesterday:

Rene

ReneMolenaar · December 12, 2023, 12:51pm

Here is an explanation of the WPA 4-way handshake: