Security Encyclopedia

Extensible Authentication Protocol (EAP)

Extensible Authentication Protocol (EAP) is an authentication framework that is used in local area networks (LAN) and dial-up connections.

EAP is used primarily in wireless communication for authentication among clients and wireless LAN. As a point-to-point (P2P)-LAN data communication framework, EAP provides a range of authentication mechanisms, for example supporting one-time passwords (OTPs), smart cards, public key encryption authentication, and digital certificates.

EAP’s major focus is on wireless network communication such as access points used to authenticate client-wireless/LAN network systems. A straightforward EAP flow would occur as follows: Using a transceiver, the client requests a wireless connection. The transceiver then gets client data and conveys it to the authentication where it is processed. The authenticator then requests client ID from the transceiver and once it is received the latter conveys a message to the client requesting the client ID. Once verified, the client ID is sent to the server.

Example:

“EAP is a familiar framework used in wireless technology. It uses the infrastructure available to it (e.g. device, its communication protocols) for user verification and supports a number of security practices such as digital signing and OTPs.”