TTLS Server Validation
Last Post: February 8, 2010:
If you choose not to validate the server on the client side when using TTLS how does the TLS tunnel get established?
The establishment of the tunnel isn't related to the server validation. All that server validation does is makes sure that your STA isn't communicating with a rogue RADIUS server.
On a related note, the STA's should always be configured to validate the server's cert. A nice hack is to set up a rogue AP with a rogue RADIUS server and let the supplicant send login credentials. Validating server cert prevents this attack.
As GTHill mentioned TLS channel isn't related to the server validation.
But the answer to your question is when you dont do server validation, only server certificate's authenticity is not validated. But the server's public key(embedded in certificate) is used for creating TLS channel.
When you enable server validation,then server certificate is validated and then public key of the server's certificate is used for creating TLS channel.
I assume you know the concept of public & private key.
Server validation depends only on client configuration. For example, my Linux wpa supplicant conf. file wpa-supplicant.conf looks like:
You could put # before ca_cert string and TLS tunnel will be established without server validation. It pertains to WinXP/Vista/Win7 supplicants with EAP-PEAP authentication also. Absence of server validation are security hole, attacker could build rogue AP with patched freeradius-server-2.0.2 and collect Your PAP/MD5/CHAP/MSCHAP/MSCHAPV2/GTC passwords or challenge/responses. With asleap-2.2 and appropriate dictionary, attacker could crack Your passwords. For MD5 cracking, Josh Wright created eapmd5pass tool.
Many thanks to all who responded.