Adding Support for Salted Password Databases to EAP-pwd
RFC 8146, “Adding Support for Salted Password Databases to EAP-pwd”, is an Informational document published in April 2017 by D. Harkins. It updates RFC 5931. The canonical text is published by the RFC Editor.
Abstract
EAP-pwd is an Extensible Authentication Protocol (EAP) method that utilizes a shared password for authentication using a technique that is resistant to dictionary attacks. It includes support for raw keys and double hashing of a password in the style of Microsoft Challenge Handshake Authentication Protocol version 2 (MSCHAPv2), but it does not include support for salted passwords. There are many existing databases of salted passwords, and it is desirable to allow their use with EAP-pwd.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 8146 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 8145 Signaling Trust Anchor Knowledge in DNS Security Extensions
- RFC 8147 Next-Generation Pan-European eCall
- RFC 8144 Use of the Prefer Header Field in Web Distributed Authoring and Versioning
- RFC 8148 Next-Generation Vehicle-Initiated Emergency Calls
- RFC 8143 Using Transport Layer Security with Network News Transfer Protocol
- RFC 8149 RSVP Extensions for Reoptimization of Loosely Routed Point-to- Multipoint Traffic Engineering Label Switched Paths
- RFC 8142 GeoJSON Text Sequences
- RFC 8150 MPLS Transport Profile Linear Protection MIB