Secure authentication with only a password

By the security guy posted May 31, 2012 05:54 PM


Cloud services are now being used to crack passwords used in WPA2-PSK. One researcher used the Amazon cloud to check over 400,000 passwords per second at a cost of less than a penny. He claims he can find passwords for less than $2.Check it out:


If "use a stronger password!" is your response, then you're not thinking about Moore's Law. These sorts of attacks are going to be getting faster and cheaper and your ability to remember a password, and repeately enter it with a low probability of error, starts to degrade after about 20 characters. It's a losing battle!


What should I do, you ask? Good question. The answer is to not use protocols that are susceptible to dictionary attack.


A dictionary attack is one in which the attacker is able to run through a set of potential passwords and be able to realize it when he finds the right one. The set of passwords isn't necessarily a dictionary, potential passwords can have numbers and special characters (for example, "passw*rd" is unfortunately a very popular password, so is "abc123"). The idea is that the attacker has everything he needs, except the right password, to compute a password verifier and he has the information to know when that verifier is correct. All he needs is a giant database of a few million potential passwords, and those can be easily found on the Internet. When a protocol is resistant to attack it means an attacker cannot observe an attack and then go offline searching for the right password (as is done with WPA2-PSK).


Aruba has developed a protocol called dragonfly that is resistant to dictionary attack. This protocol has been added to the 802.11 standard in the form of SAE (Simultaneous Authentication of Equals). It's also been incorporated into an EAP method as defined in RFC 5931 ( as EAP-pwd


The implications of this are profound. Passwords used for access can be shorter and easy to remember without a considerable loss of security (repeated, active, guessing attacks are still possible against dragonfly but those are easily detected and countermeasures can deal effectively with them). As a drop-in replacement for WPA2-PSK, SAE will make small office and home networks secure. As an EAP method, EAP-pwd will provide enterprise (and guest access) security using simpler passwords without the need for server-side certificates.


Coming soon to an Aruba network near you: secure authentication with only a password.




Dec 21, 2014 10:26 AM

it seems support has been pushed back to 6.5. kinda funny to see this announced in 2012 and it taking to 2015 to get in the actual aruba software.

Dec 09, 2014 12:25 AM

Hi Dan,


Has EAP-PWD been integrated in clearpass6.4 OS. if yes, where i can find the deployment or some detailed information on how to implement this in existing environment.




Jun 12, 2014 03:01 PM


  Hi Tony,


  EAP-pwd will be supported in ClearPass 6.4 with a scheduled FCS in mid-November.

If you'd like to start using it you can continue to use FreeRadius as that has EAP-pwd

support in it. 


  Aruba has an EAP plug-in that provides EAP-pwd support for the Windows supplicant,

see the mention above in my 8-15-2013 post. Unfortuately there is no support for mac

or iOS at this time but there is for Android. 






Jun 10, 2014 04:25 AM



Currently we authenticates users with EPA-PEAP and EAP-TTLS (Cisco Controllers and freeradius).
With the recent adquisisión of Aruba controllers 7220 and ClearPass we want to migrate authentication only with EAP-PWD.
Our idea is to use our LDAP and ClearPass Cluster as radius proxy.
Is supported EAP-PWD in ClearPass?
Is there supplicants available for windows, mac, iOS?



Aug 15, 2013 12:25 PM

Hi George,


It doesn't require a certificate on the backend. RADIUS is probably necessary, although strictly speaking EAP-pwd could be terminated on a controller without the need for a RADIUS server. A differentiator here is that there's no need for a certificate, and no need for a PKI. There's no security (or scaling) issues associated with self-signed certificates either. Currently, there Is EAP-pwd support in FreeRADIUS and hostapd so it's straightforward to roll this out.


EAP-pwd is a normal EAP method that can be used in pass-thru mode on any AP/controller and the resulting authenticated and shared secret (the PMK) can be cached and used to facilitate fast roaming using either opportunistic key caching or 802.11r. There is no latency penalty for roaming. 


I'm not sure why you imagine using a shared username and password. EAP-pwd can certainly be used that way but then you lose the ability to do true user authentication. The problem with doing PEAP and username/password is that it requires the server to have a certificate from a trusted CA. With EAP-pwd you get strong authentication, resistance to dictionary attack, and no PKI/certificates needed. And, as mentioned above, with EAP-pwd you can use shorter and weaker passwords and still get strong authenticaiton due to its resistance to dictionary attack. The security of the protocol doesn't break down if it gets used with weak passwords!


Aruba has an EAP-pwd plug-in for Windows. And this is a true EAP plug in too. It continues to use the Windows supplicant but just adds another EAP method. This is unlike some of our competitors that completely blow away the windows supplicant and forces you to use theirs (good luck uninstalling that software too!). 


Strong, robust, and misuse-resistant cryptography, brought to you by Aruba Networks :-)


Aug 15, 2013 02:24 AM

I saw a native Android client for EAP-PWD and wondered what it was and I tracked it down to here.  Is there a way to get this working in Microsoft Windows client?  Would be nice to have a simple PSK alternative that authenticates within a secure tunnel.

I'm assuming this still requires a RADIUS certificate on the backend?

I'm the author of this guide for enterprise wireless security.

It's been a while since I've seen a new EAP type that's worth mentioning, but this may be a good new edition.  The last time I found something new and interesting was Ruckus' implementation of dynamic PSK which issued a PSK per device without the need for a RADIUS or certificate backend.  That solves the problem of a compromised client device divulging a shared secret and being forced to reconfigure every other device using that shared key.  The lack of a RADIUS and certificate backend simplified remote implementations (think 1000 chain stores) because it eliminated latency.  There's also a heavy latency penalty for roaming between APs which makes it bad for VoIP devices.

But EAP-PWD solves the hackability problem.  One issue I see with EAP-PWD is that if you're going to go with a RADIUS and 802.1x backend, you could just use PEAP with a shared username and password.  The down side is that it requires an extra field for the user to enter, but at least it has native universal support on the client side.

Maybe the two solutions could be merged into a unified standard.

Jun 08, 2012 12:19 AM

Great question! 


That subject was broached to Wi-Fi a while ago and the vote failed. Hotspot 2.0 defines EAP-TLS for

certificate-based authentication, EAP-AKA and EAP-SIM for SIM-based authentication, and TTLS for

"Username/Password (with server-side certificate"). What we were proposing was to add another

option for "Username/Password (without server-side certificate)". As I said, the vote failed. This was

back in 2010.


I do plan on re-introducing the idea. Much has happened since the initial try. EAP-pwd is in the

base of Android 4.0 (ICS), it is in FreeRADIUS, it is in hostapd and wpa_supplicant. There is ample

code out there now that wasn't there in 2010.


Stay tuned!


Jun 07, 2012 08:50 PM

You mention using EAP-pwd as a WPA2-PSK and WPA2-Enterprise enhancement/replacement.  Do you plan to propose EAP-pwd for future inclusion in the WFA's Hotspot 2.0 specification?  Assuming it's secure, this would appear to be a nice alternative to EAP-TTLS with server certs.