EAP-TLS too fast?

Jouni Malinen jkmaline at cc.hut.fi
Wed Feb 8 22:00:31 EST 2006


On Wed, Feb 08, 2006 at 12:02:58PM -0500, Andrea G Forte wrote:

> I have setup a RADIUS server (freeradius) with hostapd 0.4.7 and 
> wpa_supplicant 0.4.7. Both the last two use hostap-driver 0.4.7.
> I am using EAP-TLS (client and server certificates generated by the 
> CA.all script included in freeradius) with RSN (CCMP). I am not sure if 
> something is wrong in the authentication process. The problem is that it 
> is taking too little time for the authentication process to complete.

This must be one of the first complains on the topic of authentication
being too fast.. ;-) Assuming the network connection is working, I would
not call this a problem..

> In 
> the attached file you can see one authentication process captured using 
> kismet and then parsed with Ethereal. As you can see the time from 
> Assoc. resp to the first encrypted data packet is only 222 msec. About a 
> year ago it was of the order of one second (and all the literature says 
> so). Has WPA2 improved the authentication time so much? Am I doing 
> something wrong in setting up EAP-TLS in the wpa_supplicant?

Do you have references to the literature saying something like this? 222
msec sounds like a reasonable time for EAP-TLS + WPA2 authentication.
When running hostapd + wpa_supplicant with driver_test, i.e., doing full
authentication, but using UNIX domain socket to replace the wireless
part, I can complete similar case with 2048-bit keys in 25 msec on my
laptop (2 GHz PentiumM) and this was sharing the same CPU for both the
supplicant and authentication server.

Round trip over air is not going to be much more than 1-2 ms, so I
wouldn't be too surprised to see full authentication happen in less than
100 ms; maybe even less than 50 ms if the used keys are not that long.

As long as the implementations of all components (supplicant,
authenticator, authentication server) are good, i.e., do not add extra
latency by having to poll for frames etc., it shouldn't really take much
time to go through less than ten round-trips when both the
authentication server and supplicant are run on reasonably powered CPUs
to take care of the RSA operations.

> Another thing is that the supplicant sends the following packet twice:
> TLS      Certificate, Client Key Exchange, Certificate Verify, Change 
> Cipher Spec, Encrypted Handshake Message
> 
> and also the "server hello" is sent twice. Is this the correct behavior?

Those frames were fragmented, so you are just seeing two fragments of
the same message.

> Your help is always very much appreciated.

I don't know whether I can help you with this problem.. Or maybe adding
some extra usleep(10) delays in random places would be suitable to make
the authentication take longer.. ;-)

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list