Re: [Issue 278]: lifetimes of keys internal to EAP methods
From: Jari Arkko (jari.arkko
Date: Sat, 23 Oct 2004 13:35:08 -0400 (EDT)
Bernard Aboba wrote:
> The resolution to Issue 261 involved distinguishing between transient EAP keys used directly to protect the EAP conversation (to be known as Transient EAP Session Keys or TESKs) and other keying material internal to the EAP method. So I think we need to use the new language.
I do not see a reason to distinguish between the different types of keys internal to a method beyond what we have already done, such as making a difference between the long-term credential and TEKs. If either endpoint of the EAP conversation is compromised, a method with fast reconnect support will be compromised, no matter how many levels of key derivation are used between the "semi-long term key" and the TEKs.
I think the issue is not necessarily the lifetime of the key material, but session key reuse. Note that the definition of "session" typically relates to when a replay counter can wrap, which could encompass multiple EAP sessions.
Is this reflected somewhere in your proposed text? Perhaps we could avoid making a new requirement on the separation of TEKs and fast reconnect keys, but instead have a requirement that fast reconnect and other usage of TEKs should have means for avoiding replay counter wraparound.
--Jari
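The replay-counter point in the message above, as an added simulation that is not part of the thread and not the code of any EAP method. It assumes a model of my own: a semi-long-term key survives fast reconnects, transient keys (TEKs) are derived from it with HKDF-SHA256, each protected record carries a fixed-width replay counter, and (as with AES-GCM or AES-CCM) the (key, counter) pair acts as the nonce, so a repeated pair is a nonce reuse. The counter is 16 bits only so that wraparound is cheap to reach; the policy names reuse_continue, reuse_reset and rekey are mine.

```python
import hashlib
import hmac
import os

# Added example; not code from the EAP list thread or from any EAP method.
# Assumed model (mine, not the thread's): a semi-long-term key SLK survives
# fast reconnects; transient keys (TEKs) are derived from it with
# HKDF-SHA256; every protected record carries a COUNTER_BITS-wide replay
# counter.  With an AEAD such as AES-GCM or AES-CCM the (key, counter)
# pair is the nonce, so a repeated pair is a nonce reuse.  16 bits keeps
# wraparound cheap to reach in a simulation; real counters are wider but
# the argument is unchanged.

COUNTER_BITS = 16
COUNTER_MAX = (1 << COUNTER_BITS) - 1


def hkdf_sha256(ikm, salt, info, length=32):
    """RFC 5869 HKDF with HMAC-SHA256: extract, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, i = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        okm += block
        i += 1
    return okm[:length]


def derive_tek(slk, session_nonce):
    """Fresh transient key from the semi-long-term key and a per-derivation nonce."""
    return hkdf_sha256(slk, session_nonce, b"example TEK")


class Session:
    """Traffic protected under one TEK with a wrapping replay counter."""

    def __init__(self, tek):
        self.tek = tek
        self.counter = 0

    def protect(self):
        """Consume one counter value.  The counter wraps silently: the
        session itself does nothing to stop (tek, counter) from repeating."""
        used = self.counter
        self.counter = (self.counter + 1) & COUNTER_MAX
        return (self.tek, used)


POLICIES = ("reuse_continue", "reuse_reset", "rekey")


def run(slk, records, reconnect_every, policy):
    """Send `records` records with a fast reconnect every `reconnect_every`
    records and count repeated (tek, counter) pairs.

    reuse_continue: the reconnect keeps the TEK and the counter keeps running,
                    so pairs repeat once the counter wraps.
    reuse_reset:    the reconnect keeps the TEK but restarts the counter, so
                    pairs repeat immediately after the first reconnect.
    rekey:          a fresh TEK is derived at every reconnect and before the
                    counter can wrap, so no pair is ever repeated.
    """
    if policy not in POLICIES:
        raise ValueError(policy)
    seen = set()
    duplicates = 0
    session = Session(derive_tek(slk, os.urandom(16)))
    teks = 1
    for i in range(records):
        if i and i % reconnect_every == 0:
            if policy == "rekey":
                session = Session(derive_tek(slk, os.urandom(16)))
                teks += 1
            elif policy == "reuse_reset":
                session.counter = 0
            # reuse_continue: nothing changes at the reconnect
        if policy == "rekey" and session.counter == COUNTER_MAX:
            # rekey-before-wrap guard: the last counter value is never used
            session = Session(derive_tek(slk, os.urandom(16)))
            teks += 1
        pair = session.protect()
        if pair in seen:
            duplicates += 1
        seen.add(pair)
    return {"duplicates": duplicates, "teks": teks}


if __name__ == "__main__":
    slk = os.urandom(32)  # constructed semi-long-term key for the simulation
    for policy in POLICIES:
        print(policy, run(slk, 70000, 1000, policy))
```

With 70000 records and a reconnect every 1000, reuse_continue repeats 4464 (key, counter) pairs after the 16-bit counter wraps, reuse_reset repeats 69000 pairs because every reconnect restarts the counter under the same key, and rekey repeats none while deriving 70 keys. Adding more derivation levels between the semi-long-term key and the TEK would not change any of these counts; what prevents the reuse is the rekey-before-wrap guard and the fresh derivation at each reconnect.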
[Issue 278]: lifetimes of keys internal to EAP methods Bernard Aboba, October 23 2004
- Re: [Issue 278]: lifetimes of keys internal to EAP methods Jari Arkko, October 23 2004
- Re: [Issue 278]: lifetimes of keys internal to EAP methods Jari Arkko, October 24 2004
- Re: [Issue 278]: lifetimes of keys internal to EAP methods Yoshihiro Ohba, October 25 2004
- Re: [Issue 278]: lifetimes of keys internal to EAP methods Bernard Aboba, October 25 2004
- Re: [Issue 278]: lifetimes of keys internal to EAP methods Jari Arkko, October 25 2004