0

I am reading about the WPA2 protocol. The authentication step uses 802.1X protocol which in turn uses the EAP framework; in which a so called 'EAP method' does the authentication (diagram from book).

The WPA2 certification requires the following EAP methods implemented (source):

  • EAP-TLS
  • EAP-TTL
  • PEAPv0/EAP-MSCHAPv2
  • PEAPv1/EAP-GTC
  • EAP-SIM

Let's say I unwrap my consumer AP, set it for WPA2, manually enters the passphrase (PSK) in both STA and AP.

How does the authentication happen? By authentication, I simply mean that both parties prove that they know the key (without revealing the key). Does that happen with the 802.1X and EAP framework (as shown in the diagram), and in that case which EAP method handles this?

Or is 802.1x not used? Or is 802.1x used, but not the EAP framework?

Tom Atkinson
  • 23
  • 2

1 Answers1

1

If you are using a PSK, then none of this is used. 802.1x and EAP are only used to communicate with an authentication source if WPA/WPA2 Enterprise are in use.

To answer your title question, none of them are typically configured out of the box. They are configured when configuring the access point for first run, but this is (of course) dependent on make and model.

MDMarra
  • 100,183
  • 32
  • 195
  • 326
  • So what authentication protocol/method is then used? They still need to prove to each other that they both know the PSK. – Tom Atkinson May 05 '12 at 11:02
  • It's outlined [here](http://en.wikipedia.org/wiki/IEEE_802.11i-2004) in the Four-Way handshake session. – MDMarra May 05 '12 at 11:16