EAP, LEAP, PEAP, and TTLS are competing protocols for securely transporting authentication data.

EAP

EAP (Extensible Authentication Protocol), defined in RFC 2284, "PPP Extensible Authentication Protocol (EAP)", is the original 802.11 standard.

LEAP

LEAP (Lightweight Extensible Authentication Protocol) is a proprietary protocol which was developed by Cisco. Cisco is phasing out LEAP in favor of PEAP.

EAP-TLS

EAP-TLS (Extensible Authentication Protocol – Transport Layer Security) was created by Microsoft and accepted by the IETF as RFC 2716, "PPP EAP TLS Authentication Protocol".

PEAP

PEAP (Protected Extensible Authentication Protocol) is a proprietary protocol which was developed by Microsoft, Cisco and RSA Security.

EAP-TTLS

EAP-TTLS (Extensible Authentication Protocol – Tunneled Transport Layer Security) is a proprietary protocol which was developed by Funk Software and Certicom, and is supported by Agere Systems, Proxim, and Avaya.

EAP-TTLS is being considered by the IETF as a new standard.

For more information on EAP-TTLS, read the draft RFC EAP Tunneled TLS Authentication Protocol (EAP-TTLS).

PEAP, EAP-TTLS and a World without Certificates

PEAP and EAP-TTLS make it possible to authenticate wireless LAN clients without requiring them to have certificates.

PEAP and EAP-TTLS both utilize Transport Layer Security (TLS) to set up an end-to-end tunnel to transfer the user's credentials without having to use a certificate on the client.

EAP in 802.11i

EAP-TLS is the de facto standard for authentication in 802.11i wireless LANs.

The addition of EAP-TTLS to a wireless LAN protocol standard would enable wireless LANs to communicate securely without the use of encryption certificates.
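
To see which of the methods above a wireless LAN is actually negotiating, the following added example (not part of the original page) parses the EAP packet header (Code, Identifier, Length, then a Type byte in Requests and Responses) and summarises the methods seen. The type numbers are the IANA-registered EAP method types, the function names are hypothetical, and the sample packets are constructed.

```python
import struct

# EAP method type numbers as registered with IANA.
EAP_TYPES = {1: "Identity", 3: "Nak", 4: "MD5-Challenge", 13: "EAP-TLS",
             17: "LEAP", 21: "EAP-TTLS", 25: "PEAP"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
# Per the text above: PEAP and EAP-TTLS tunnel credentials without a client
# certificate, and LEAP is being phased out in favor of PEAP.
TUNNELED = {"PEAP", "EAP-TTLS"}
DEPRECATED = {"LEAP"}


def parse_eap(packet: bytes) -> dict:
    """Parse one EAP packet: Code(1) Identifier(1) Length(2, big-endian) [Type(1) ...]."""
    if len(packet) < 4:
        raise ValueError("truncated EAP header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code not in EAP_CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length < 4 or length > len(packet):
        raise ValueError("EAP length field inconsistent with captured bytes")
    info = {"code": EAP_CODES[code], "id": ident, "method": None}
    if code in (1, 2):  # only Request/Response carry a Type field
        if length < 5:
            raise ValueError("Request/Response without a Type field")
        info["method"] = EAP_TYPES.get(packet[4], f"type-{packet[4]}")
    return info


def audit(packets) -> dict:
    """Summarise which authentication methods appear in a list of EAP packets."""
    seen = []
    for p in packets:
        m = parse_eap(p)["method"]
        if m and m not in ("Identity", "Nak") and m not in seen:
            seen.append(m)
    return {"methods": seen,
            "tunneled_no_client_cert": [m for m in seen if m in TUNNELED],
            "deprecated": [m for m in seen if m in DEPRECATED]}


# Constructed sample packets (not taken from a real capture).
SAMPLE = [
    bytes.fromhex("0101000501"),            # Request, Identity
    bytes.fromhex("0202000a01616c696365"),  # Response, Identity "alice"
    bytes.fromhex("010300061920"),          # Request, PEAP (type 25)
    bytes.fromhex("010400061101"),          # Request, LEAP (type 17)
    bytes.fromhex("03050004"),              # Success: no Type field
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```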