Presently I am working on WiFi security domain. I have a specific question about EAP-TTLS.
As all of you are aware that TLS handshake will do three specific task:
1. It authentuicates the server
2. It creates a pre master shared key..
3. And last but not the least it makes a ciphersuite ready.
Now as we are aware that WPA/RSN has got its own ciphersuite, namely TKIP and AES-CCMP. Hence WPA/RSN version of EAP-TTLS will avoid the last of the above three points.
Now as we know in EAP-TTLS, after the TLS handshake we tunnel further authentication information. That means that it will go through an encryption layer.
Assuming we are passing a CHAP response message containg the user name and the password through the tunnel, which of the encryption methodology will take place. what I want to know that will this be encrypted through the TLS record protocol or will it be encrypted by the standard AES-CCMP/RC4-TKIP?
If somebody can clarify it to me, I will be thankful.
Thanks in advance..