RFC 8146

Adding Support for Salted Password Databases to EAP-pwd, April 2017

File formats:
icon for text file icon for PDF icon for HTML icon for inline errata
Status:
INFORMATIONAL
Updates:
RFC 5931
Author:
D. Harkins
Stream:
IETF
Source:
NON WORKING GROUP

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC8146

Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 8146


Abstract

EAP-pwd is an Extensible Authentication Protocol (EAP) method that utilizes a shared password for authentication using a technique that is resistant to dictionary attacks. It includes support for raw keys and double hashing of a password in the style of Microsoft Challenge Handshake Authentication Protocol version 2 (MSCHAPv2), but it does not include support for salted passwords. There are many existing databases of salted passwords, and it is desirable to allow their use with EAP-pwd.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search