PEAP username over the air

Unanswered Question
Feb 21st, 2007

I have a 4404 controller with 1010APs and deciding which EAP method to use. As I was analyzing this and sniffing wireless packets, username is sent in clear over the air when authenticating with PEAP.

I was somewhat surprised and thought that was one of the limitation of LEAP but not PEAP.

Is this normal behavior?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
misramanish Wed, 02/21/2007 - 15:38

Interesting post! I'm debating between PEAP and EAP-FAST myself and am really surprised to hear that you were able to capture username from your sniffer.

What encryption method are you using, btw? TKIP, CCMP or AES? Of the three, I have heard that AES will provide highest encryption (which in theory should totally encrypt all user credentials).

jamesgef Wed, 02/21/2007 - 18:44

Controller is set only for WPA2 with AES encryption and 802.1x.

I'm using a Cisco Aironet a/b/g PCMCIA card using the Cisco Aironet utility (latest version) as my supplicant (not using windows configuration for wireless networks).


jamesgef Wed, 02/21/2007 - 18:46

Just to provide more information, my profile in the Cisco Aironet Utility is configured for PEAP with MS-CHAP-v2.


csannedhi Mon, 02/26/2007 - 20:40

Zhenning is correct. The encryption method has nothing to do with the 802.1x process. Until the authentication process is finished the unicast keys are not generated. All the data exchange gets encrypted using the generated keys after the authentication process.

zhenningx Mon, 02/26/2007 - 07:56

PEAP usernames can be sent in clear text or encrypted. By using windows native WZC config, the usersnames are in clear text. By using Intel supplicant, the PEAP usernames are encrypted as well. The capture only sees "anoymous" as the username.


jafrazie Mon, 02/26/2007 - 13:00

Is MSCHAVPv2 or GTS being used as the inner method for ACU?


This Discussion



Trending Topics - Security & Network