
Testing the Conformance of Implementations of the EAP Protocol and Its Methods to Internet Specifications

Programming and Computer Software

Abstract

This paper describes the generation of tests for checking the conformance of implementations of the Extensible Authentication Protocol (EAP) and its methods to Internet specifications. The project is based on the UniTESK technology, which allows one to automate the verification of network protocols using their formal models, and on the JavaTesK extension, which implements the UniTESK technology in Java. The additional use of mutation testing techniques makes it possible to test the stability of a protocol implementation against corrupted messages. This approach proved effective in finding a number of critical vulnerabilities and other deviations from the EAP in some implementations.



Funding

This work was supported by the Russian Foundation for Basic Research, project no. 16-07-00603, "Verification of Security of the Authentication Protocol EAP and Evaluation of Its Stability under Attacks."

Author information


Correspondence to A. V. Nikeshin or V. Z. Shnitman.

Additional information

Translated by A. Klimontovich


About this article


Cite this article

Nikeshin, A.V., Shnitman, V.Z. Testing the Conformance of Implementations of the EAP Protocol and Its Methods to Internet Specifications. Program Comput Soft 45, 417–423 (2019). https://doi.org/10.1134/S0361768819070090


  • DOI: https://doi.org/10.1134/S0361768819070090
