• EAP-GTC

Graph linking

• Uses: rfc2284

Information

GTC (generic token card) was one of the first specified EAP-types. rfc2284 defined EAP-MD5, EAP-OTP (one time password) and EAP-GTC. EAP-GTC may also be tunneled for example inside PEAP, according to Cisco [2] (direct quote):

• Q. What are the security benefits of PEAP?
• A. PEAP provides the following security benefits:
  • Relies on Transport Layer Security (TLS) to allow nonencrypted authentication types such as EAP-Generic Token Card (GTC) and One Time Password (OTP) support.

The specification goes as follows [1]:

3.6.  Generic Token Card

   Description

      The Generic Token Card Type is defined for use with various Token
      Card implementations which require user input.   The Request
      contains an ASCII text message and the Reply contains the Token
      Card information necessary for authentication.  Typically, this
      would be information read by a user from the Token card device and
      entered as ASCII text.

   Type

      6

   Type-Data

      The Type-Data field in the Request contains a displayable message
      greater than zero octets in length.  The length of the message is
      determined by Length field of the Request packet.  The message
      MUST not be null terminated.  A Response MUST be sent in reply to
      the Request with a Type field of 6 (Generic Token Card).  The
      Response contains data from the Token Card required for
      authentication.  The length is of the data is determined by the
      Length field of the Response packet.

References

• [1] http://www.ietf.org/rfc/rfc2284.txt

• [2] http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item0900aecd801764fa.shtml

Linked in pages: EAPOL

CategoryWifiPedia <<MetaData(level, 05,hidden)>>