RE: Relationship between AAA-Key and MSK/EMSK

From: Joseph Salowey (jsalowey
Date: Fri, 6 Feb 2004 13:00:39 -0500 (EST)

jrv [at] j.imap.itd.umich.edu wrote:
> This brings up a point that I haven't been able to understand
> - see below
>
> --On Friday, February 6, 2004 9:18 AM -0800 Joseph Salowey
> <jsalowey [at] cisco.com> wrote:
>
>> Hi Hannes,
>>
>> I agree the definition of the AAA-key seems incomplete, I think the
>> definition is any key that is used by the authenticator and
>> supplicant to derive keys for data traffic protection (I don't think
>> AAA-key is the best name since it doesn't have to involve an AAA in
>> the basic case). In the case of standard 802.11 this AAA-Key is the
>> same as the MSK. In the fast handoff example I believe additional
>> AAA-keys are pushed to neighboring access points. In order to
>> provide computational independence from the MSK they should be
>> derived from the EMSK.
>>
> I don't understand why we would derive a MSK and EMSK that are at the same
> level, then use the MSK for the current AP but derive new keys from the
> EMSK for other APs.
>
> It seems to me that it would be more consistent to derive all keys the same
> way, perhaps from the MSK. But then I don't understand the value of the
> EMSK, since everything can be derived from the MSK.
>
> I had thought that the MSK was meant to allow backward compatibility with
> existing Key mechanisms, and the EMSK would do future things.
> Perhaps this is the case, but it seems to me that deriving everything the
> same way would be more consistent and easier to understand.
>
> Is the MSK meant to be equivalent to the EMSK except that the MSK is only
> used for existing implementations, or am I misunderstanding something?
>

[Joe] Basically you are correct. The reason for the EMSK is because existing schemes already use the MSK directly in specific ways (dynamic WEP for example). If we could start over we could just have one key and derive everything from that. We could decide to deprecate the MSK and derive everything from the EMSK.

>> I have submitted an issue in email
>> http://mail.frascone.com/pipermail/eap/2004-January/002143.html (which
>> has not yet been assigned a number) which describes how to derive
>> keys from the EMSK for specific purposes. I think appendix e needs
>> to be updated as discussed in Issue 214
>> http://www.drizzle.com/~aboba/EAP/eapissues.html#Issue%20214. I
>> haven't had time to take a detailed look at Jari's proposal. I'm not
>> sure why the A-AAA-Key is needed in this derivation but it is
>> equivalent to the MSK.
>>
>> Could you provide some more context from your discussion? What
>> exactly are you deriving keys to do? In my opinion it is best to use
>> the MSK as in the case of 802.11 (single authenticator to
>> supplicant). If keys are going to be used for other purposes,
>> between other parties or in other ways they should be derived from
>> the EMSK.
>>
>> Thanks,
>>
>> Joe
>>
>>
>> eap-admin [at] frascone.com wrote:
>>> hi all,
>>>
>>> this issue came up when we discussed (Yoshi, Alper, Jari) the
>>> relationship between the AAA-key and the MSK/EMSK in PANA.
>>>
>>> it is said that the AAA-Key is derived from the MSK and EMSK.
>>>
>>> the eap-keying document does not specify how this key derivation is
>>> achieved. worse, in Section 4.2.1 the text says:
>>>
>>> "  The AAA-Key is derived from the keying material exported by the
>>>    EAP method (MSK and EMSK). This derivation occurs on the AAA
>>>    server. In many existing protocols that use EAP, the AAA-Key and
>>>    MSK are equivalent, but more complicated mechanisms are possible
>>>    (see Appendix E for details). "
>>>
>>> appendix e, however, does not help since it talks only about a very
>>> special case, namely fast handoff.
>>>
>>> we discussed this issue in one of the eap keying design team phone
>>> conferences but it got lost somehow.
>>>
>>> it would be more helpful to provide a proposal for AAA-Key to
>>> MSK/EMSK key derivation.
>>>
>>> ciao
>>> hannes
>>> _______________________________________________
>>> eap mailing list
>>> eap [at] frascone.com http://mail.frascone.com/mailman/listinfo/eap
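
The split discussed in this message (MSK handed directly to the current authenticator, keys for other authenticators or purposes derived from the EMSK) can be sketched as follows. This is an added example, not code from the thread or from the eap-keying draft. It assumes the label-based construction later standardized in RFC 5295, KDF(EMSK, label | 0x00 | optional data | length), with the IKEv2 prf+ over HMAC-SHA-256; the label, the AP identifiers and the function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed label for illustration; not an assigned key label.
HANDOFF_LABEL = "handoff-example@example.com"


def prf_plus(key: bytes, seed: bytes, length: int) -> bytes:
    """IKEv2 prf+ (RFC 4306): T1 = prf(K, S|0x01), Tn = prf(K, Tn-1|S|n)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        if counter > 255:
            raise ValueError("prf+ output limit exceeded")
        block = hmac.new(key, block + seed + bytes([counter]),
                         hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def derive_from_emsk(emsk: bytes, label: str, optional_data: bytes = b"",
                     length: int = 64) -> bytes:
    """KDF(EMSK, label | 0x00 | optional data | 2-octet big-endian length)."""
    if len(emsk) < 64:
        raise ValueError("EMSK must be at least 64 octets")
    seed = (label.encode("ascii") + b"\x00" + optional_data
            + struct.pack("!H", length))
    return prf_plus(emsk, seed, length)


def key_hierarchy(msk: bytes, emsk: bytes, neighbor_aps: list) -> dict:
    """Return the key each authenticator would receive.

    The current AP gets the MSK itself (the existing 802.11 usage). Every
    neighbor AP gets a key bound to its identifier and derived only from the
    EMSK, so no delivered key is an input to any other delivered key.
    """
    keys = {"current-ap": msk}
    for ap_id in neighbor_aps:
        keys[ap_id] = derive_from_emsk(emsk, HANDOFF_LABEL, ap_id.encode())
    return keys


if __name__ == "__main__":
    # Constructed key material; a real MSK/EMSK is exported by the EAP method.
    msk, emsk = bytes(range(64)), bytes(range(64, 128))
    for name, key in key_hierarchy(msk, emsk, ["ap-2", "ap-3"]).items():
        print(name, key.hex()[:32] + "...")
```
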