Hi everybody!
I have a few questions regarding the Cisco LEAP protocol, specifically with regard to mutual authentication.
I understand the user authentication by the network, but not vice versa. Having been authenticated by the network (RADIUS server), the wireless user sends the challenge to the RADIUS server via the AP. The RADIUS server performs some predefined function and sends the response back to the user. The user checks whether the result matches or not. If there is a match, the network is authenticated to the user.
I know both the RADIUS server and the wireless client use some complex computation to perform authentication, but for the sake of simplicity, just for the concept, let's assume the wireless client and RADIUS server are configured to multiply the challenge by 4. So when the client sends the challenge 2, the RADIUS server multiplies the challenge by 4, that is 2*4 = 8. The RADIUS server sends the response (8) to the wireless client. The wireless client computes its own hash value, that is challenge*4 = 8, and finds a match; thus the network is authenticated to the wireless client.
My question is: it makes the authentication device-based, as the wireless client and RADIUS server need to be configured to perform the same computation on the challenge value. Am I correct?
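
The two-way challenge/response described in the post, as an added example that is not part of the original post: the computation is public and identical on every device, and only a per-user secret is shared. HMAC-SHA256 is a stand-in here, not LEAP's own function; the class names, the `alice` account and the secrets are constructed for illustration.

```python
import hashlib
import hmac
import os

def respond(secret, challenge, role):
    # Public computation, same on every device; only `secret` is private.
    # The role label keeps a server answer from being replayed as a client answer.
    return hmac.new(secret, role + challenge, hashlib.sha256).digest()

class Server:
    def __init__(self, user_db):
        self.user_db = user_db  # username -> per-user secret

    def verify_client(self, user, challenge, response):
        expected = respond(self.user_db.get(user, b""), challenge, b"client")
        return user in self.user_db and hmac.compare_digest(expected, response)

    def answer(self, user, challenge):
        return respond(self.user_db.get(user, b""), challenge, b"server")

class Client:
    def __init__(self, user, secret):
        self.user, self.secret = user, secret

    def answer(self, challenge):
        return respond(self.secret, challenge, b"client")

    def verify_server(self, challenge, response):
        expected = respond(self.secret, challenge, b"server")
        return hmac.compare_digest(expected, response)

def mutual_auth(client, server):
    """Return (network accepted user, user accepted network)."""
    s_chal = os.urandom(16)  # challenge issued by the server
    client_ok = server.verify_client(client.user, s_chal, client.answer(s_chal))
    c_chal = os.urandom(16)  # challenge issued by the client
    server_ok = client.verify_server(c_chal, server.answer(client.user, c_chal))
    return client_ok, server_ok

# Constructed sample data: a real server and one that does not know the secret.
SECRET = hashlib.sha256(b"alice-password").digest()
real = Server({"alice": SECRET})
rogue = Server({"alice": hashlib.sha256(b"guess").digest()})

if __name__ == "__main__":
    print(mutual_auth(Client("alice", SECRET), real))
    print(mutual_auth(Client("alice", SECRET), rogue))
```

A second `Client` object built with the same secret stands for the same user on a different device, and it authenticates against `real` in both directions.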