Also found in: Dictionary, Thesaurus, Medical, Legal, Financial, Acronyms, Wikipedia.


(Extensible Authentication Protocol) A protocol that acts as a framework and transport for other authentication protocols. EAP uses its own start and end messages but then carries any number of third-party messages between the client (supplicant) and access control node such as an access point in a wireless network. See PAP and CHAP.

EAP and LANs

EAP originated with the dial-up PPP protocol in order to support protocols beyond PAP and CHAP. For use on packet networks, EAP Over LAN (EAPOL) was created. EAPOL added new message types and allowed an Ethernet header to be prefixed onto EAP messages so they could be transmitted via Ethernet. Following are various EAP methods used mostly in wireless networks, but also in wired networks. See 802.1X, WPA and 802.11i.

EAP-TLS (EAP-Transport Layer Security)
Uses the handshake protocol in TLS, not its encryption method. Client and server authenticate each other using digital certificates. Client generates a pre-master secret key by encrypting a random number with the server's public key and sends it to the server. Both client and server use the pre-master to generate the same secret key.

Like EAP-TLS above except only the server has a certificate to authenticate itself to the client first. As in EAP-TLS, a secure connection (the "tunnel") is established with secret keys, but that connection is used to continue the authentication process by authenticating the client and possibly the server again using any EAP method or legacy method such as PAP and CHAP.

PEAP (Protected EAP)
Similar to EAP-TTLS above except it does not support legacy methods. It only moves EAP frames. Windows XP natively supports PEAP.

LEAP (Light EAP, Cisco LEAP)
From Cisco, first implementation of EAP and 802.1X for wireless networks. Uses preshared keys and MS-CHAP protocol to authenticate client and server to each other. Server generates and sends session key to access point. Client computes session key independently based on data received in the CHAP challenge.

(EAP-Flexible Authentication via Secure Tunneling)
Enhancement to LEAP from Cisco that provides an encrypted tunnel to distribute preshared keys known as "Protected Access Credential" (PAC) keys. PAC keys may be continuously refreshed to prevent dictionary attacks. EAP-FAST is defined in Cisco's Cisco Compatible Extensions (see CCX).

EAP-SIM (GSM Cellphones)
For GSM phones that switch between cellular and Wi-Fi networks, depending on which is in range. The Subscriber Identity Module (SIM) smart card in the GSM phone (see GSM) contains the secret key used for challenge/response authentication and deriving session keys for encryption.
References in periodicals archive ?
The potential EAP partner programs in this segment include: Work/life services and legal/financial resources, workplace crisis services and on-site health clinics.
About EAP EAP provides ABA therapy, which is widely recognized as an effective, evidence-based treatment for autism and is covered by many private and government insurance providers, including TRICARE, for children and young adults between the ages of 20 months and 21 years with autism spectrum and related disorders.
EAP providers are fielding more requests for education and training on a variety of health issues, including stress management, smoking cessation and nutrition.
Innovations in EAPs have come in response to employers' desire to integrate EAP services with needs of employees outside of the workplace, such as wellness and quality of life concerns.
Some of our clients use the resulting scores in their performance guarantees in their contracts with EAP providers.
Train the building's fire safety directors (FSD) and their deputies through an approved school, after which they must earn an EAP Certificate of Fitness certifying them as FS/ EAP directors and deputies.
Also during Katrina, many EAPs assisted with crucial tasks such as finding food, shelter and assistance for employees.
EAP works with the Bureau for International Narcotics and Law Enforcement Affairs (INL), the Bureau of Oceans and International Environmental and Scientific Affairs (OES), USAID and other agencies on these transnational challenges to develop multilateral approaches to supplement existing bilateral efforts.
However, a qualified EAP cannot offer a choice between educational assistance and taxable remuneration.
companies, more and more firms are demanding certain guarantees from their EAP vendor to ensure they get what they pay for.
Second, we combine claims data of individuals who went to an EAP with those of individuals who did not use an EAP to test whether differences in utilization exist between EAP users and nonusers.
A good quality EAP is able to offer access to free telephonic consultations with attorneys licensed in the employee's state of residence and to discounted legal fees if additional services are needed.