Mbed forum

To support EAP-FAST

mbed_tls

(Junhyuk Jang) #1

Hi, In order to support EAP-FAST connection, some cipher suites which authentication is anonymous has to be supported. But, I’m not able to find these cipher suites in mbedtls library. Is that way to set the cipher suites?
The required cipher suites are like the following:

TLS_DH_anon_WITH_AES_256_CBC_SHA256; //0x006D
TLS_DH_anon_WITH_AES_256_CBC_SHA; //0x003A
TLS_DH_anon_WITH_AES_128_CBC_SHA256; //0x006D
TLS_DH_anon_WITH_AES_128_CBC_SHA; //0x0034
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA; //0x001B
TLS_DH_anon_WITH_RC4_128_MD5; //0x0018
TLS_DH_anon_WITH_DES_CBC_SHA; //0x001A
TLS_DH_anon_WITH_AES_256_CBC_SHA; //0x003A
TLS_DH_anon_WITH_AES_128_CBC_SHA; //0x0034
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA; //0x001B
TLS_DH_anon_WITH_RC4_128_MD5; //0x0018
TLS_DH_anon_WITH_DES_CBC_SHA; //0x001A
Thanks and Regards,
Jang.


(Ron Eldor) #2

Hi Jang,
Thank you for your query.
Yes, Mbed TLS does not support the DH anonymous ciphersuites, THese ciphersuites have potential for Man in the middle attacks.
As described in the EAP-FAST draft:

It is RECOMMENDED that anonymous ciphersuites such as TLS_DH_anon_WITH_AES_128_CBC_SHA only be used in the context of the provisioning described in [I-D.cam-winget-eap-fast-provisioning]. Care must be taken to address potential man-in-the-middle attacks when cipher suites that do not provide authenticated tunnel establishment are used.

From this quote I understand that these anonymous ciphersuites are not
mandatory to support EAP-FAST. Note that these ciphersuites were removed for TLS 1.3 as well.

Regards,
Mbed TLS Team member
Ron