keying appendix E vs. EMSK guidelines
From: Jari Arkko (jari.arkkopiuha.net)
Date: Wed, 21 Jan 2004 03:17:07 -0500 (EST)
Description of issue: keying appendix E vs. EMSK guidelines
Submitter name: Jari Arkko
Submitter email address: jari.arkko [at] piuha.net
Date first submitted: Jan 21, 2004
Reference:
Document: Keying Framework
Comment type: T
Priority: 1
Section: Appendix E
Rationale/Explanation of issue:

Appendix E of keying-01 talks about the derivation of
suitable AAA Keys for handoff situations. It gives the
following formulae:

   AAA-Key-B      = PRF(EMSK(0,63),AAA-Key-A,
                    B-Called-Station-Id,Calling-Station-Id)

   AAA-Key-E      = PRF(EMSK(0,63),AAA-Key-A,
                    E-Called-Station-Id,Calling-Station-Id)

But draft-salowey-eap-keying-02 discusses EMSK usage, and
I think we have agreed at least about this:

     o The application MUST NOT use the EMSK in any other way except to
        derive Application Master Session Keys (AMSK) using the key
        derivation specified in section 3 this document.  They MUST NOT
        use the EMSK directly.

     o Applications MUST define distinct key labels and application
        specific data used in the key derivation described in section 3.

Appendix E appears to break the second requirement. Joe's
draft gives the following construction for AMSKs:

AMSK = KDF(EMSK, key label, optional application data, length)

Perhaps appendix E could be corrected to be in line with this?
Here's the suggested text change:

   AAA-Key-B      = PRF(EMSK(0,63),"EAP AAA-Key derivation for multiple attachments",
                    AAA-Key-A,B-Called-Station-Id,Calling-Station-Id)

   AAA-Key-E      = PRF(EMSK(0,63),"EAP AAA-Key derivation for multiple attachments",
                    AAA-Key-A,E-Called-Station-Id,Calling-Station-Id)

Also, the rules about the calling and called station ids could perhaps
be made less link layer specific:

    Calling-Station-Id  = STA MAC address
    B-Called-Station-Id = AP B MAC address
    E-Called-Station-Id = AP E MAC address

=>

    Calling-Station-Id  = peer identity
    B-Called-Station-Id = second attachment point identity
    E-Called-Station-Id = third attachment point identity

--Jari
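As an added illustration of the point raised in the message above (this code is not part of Jari's message, of the keying framework draft, or of draft-salowey-eap-keying-02), the following Python derives AAA-Key-B and AAA-Key-E both the way appendix E of keying-01 writes them (no key label) and with the key label from the suggested text change as the first PRF input, using generic peer and attachment-point identities for the station ids as in the second suggestion. The PRF is an assumed counter-mode HMAC-SHA-256 construction with length-prefixed inputs, since neither draft fixes one here; the EMSK, AAA-Key-A and identities are constructed sample values, so the byte values are illustrative only. The EMSK itself is never used directly, only as the PRF secret.

```python
import hashlib
import hmac


# Assumed PRF instantiation: counter-mode HMAC-SHA-256. The keying framework
# and draft-salowey-eap-keying-02 do not fix a particular PRF for these
# formulae, so this is an illustration, not the specified construction.
def prf(secret: bytes, *inputs: bytes, length: int = 64) -> bytes:
    # Length-prefix every input so that label, keys and identities cannot be
    # shifted into one another (e.g. "ab"+"c" vs "a"+"bc" would otherwise
    # concatenate to the same byte string).
    data = b"".join(len(x).to_bytes(2, "big") + x for x in inputs)
    out = b""
    counter = 1
    while len(out) < length:
        out += hmac.new(secret, data + bytes([counter]), hashlib.sha256).digest()
        counter += 1
    return out[:length]


# Key label taken from the suggested text change in the message above.
KEY_LABEL = b"EAP AAA-Key derivation for multiple attachments"


def aaa_key_appendix_e(emsk: bytes, aaa_key_a: bytes,
                       called_station_id: bytes, calling_station_id: bytes) -> bytes:
    """AAA-Key-X as written in appendix E of keying-01: no key label."""
    # EMSK(0,63) = the first 64 octets of the EMSK.
    return prf(emsk[:64], aaa_key_a, called_station_id, calling_station_id)


def aaa_key_labeled(emsk: bytes, aaa_key_a: bytes,
                    called_station_id: bytes, calling_station_id: bytes,
                    label: bytes = KEY_LABEL) -> bytes:
    """AAA-Key-X with the key label inserted as the first PRF input, as suggested."""
    return prf(emsk[:64], label, aaa_key_a, called_station_id, calling_station_id)


# Constructed sample inputs (not real keys or identities).
EMSK = hashlib.sha512(b"constructed sample EMSK").digest()          # 64 octets
AAA_KEY_A = hashlib.sha256(b"constructed sample AAA-Key-A").digest()
CALLING_STATION_ID = b"peer@example.net"        # peer identity
B_CALLED_STATION_ID = b"attachment-point-B"     # second attachment point identity
E_CALLED_STATION_ID = b"attachment-point-E"     # third attachment point identity


def derive_handoff_keys() -> dict:
    """Derive AAA-Key-B and AAA-Key-E with both constructions and return them."""
    return {
        "B_unlabeled": aaa_key_appendix_e(EMSK, AAA_KEY_A, B_CALLED_STATION_ID, CALLING_STATION_ID),
        "E_unlabeled": aaa_key_appendix_e(EMSK, AAA_KEY_A, E_CALLED_STATION_ID, CALLING_STATION_ID),
        "B_labeled": aaa_key_labeled(EMSK, AAA_KEY_A, B_CALLED_STATION_ID, CALLING_STATION_ID),
        "E_labeled": aaa_key_labeled(EMSK, AAA_KEY_A, E_CALLED_STATION_ID, CALLING_STATION_ID),
        # A hypothetical second application that feeds the same identities into
        # the same PRF but uses its own distinct label: the label alone keeps its
        # key separate from the AAA keys, which is what the second EMSK rule buys.
        "B_other_app": aaa_key_labeled(EMSK, AAA_KEY_A, B_CALLED_STATION_ID, CALLING_STATION_ID,
                                       label=b"hypothetical other application"),
    }


if __name__ == "__main__":
    for name, key in derive_handoff_keys().items():
        print(f"{name:12s} {key.hex()[:32]}...")
```

Running the block prints a prefix of each derived key; the point to observe is that the two attachment points get different keys in both constructions, that the labeled keys differ from the unlabeled ones, and that a second application with its own label obtains a key unrelated to the AAA keys even though every other input is identical.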
