Funk Software’s Odyssey is the first commercial implementation of EAP-TTLS.

EAP-TTLS is an IETF draft jointly authored by Funk Software and Certicom, and is a working document of the PPP Extensions group. The purpose of the protocol is to allow users to be authenticated onto WLANs with their existing password credentials, and, using strong public/private key cryptography, to protect those password credentials against eavesdropping and other attacks that are suddenly made possible by the advent of wireless communications. The result is a protocol that is equal in security to the 802.1x protocol EAP-TLS (included in Microsoft’s Windows XP), that can easily be utilized by a single user from any machine, and that is compatible with existing authentication databases and infrastructure, thus putting secure WLAN authentication within any organization’s reach.

We are committed to developing and introducing secure WLAN solutions that network managers will actually be willing to deploy, said Paul Funk, president of Funk Software and co-inventor of EAP-TTLS. EAP-TTLS is the basis of these solutions, and our technical collaboration with Certicom on the protocol has positioned us well to deliver user-friendly, end-to-end security in Odyssey, and to advance the state-of-the-art in WLAN security management.

The greatest challenges for enterprises that want to implement wireless connectivity are security and manageability, said Simon Blake-Wilson, business development director for Certicom and co-inventor of EAP-TTLS. Certicom and Funk Software developed EAP-TTLS to eliminate these challenges with secure connections that are easy for both administrators and end users.

In addition, Funk Software selected Certicom’s Trustpoint product to build advanced security and simplified management capability into its leading RADIUS/AAA solutions. Trustpoint will provide the cryptographic underpinnings for implementing EAP-TTLS and other security standards in its market-leading RADIUS/AAA solutions; the first such implementation will be in Steel-Belted Radius/Service Provider Edition running on the Solaris platform.

Trustpoint is a comprehensive suite of PKI products that allows today’s enterprises to build wireless certificate capabilities to enable secure communication and digital signatures over cellular, wireless LAN, and other networks via personal digital assistants (PDAs), mobile phones and pagers. Certicom’s security solutions are tailored to the unique requirements of mobile environments, which, unlike desktop-only solutions, require a very compact code size due to bandwidth limitations and memory and processor requirements of mobile devices.