[Issue N]: independence of TEKs from MSKs and TSKs

From: Jari Arkko (jari.arkko
Date: Tue, 26 Oct 2004 06:01:15 -0400 (EDT)

Submitter name: Pasi Eronen
Submitter email address: Pasi.Eronen [at] nokia.com
Date first submitted: 10/25/2004
Reference: http://mail.frascone.com/pipermail/eap/2004-October/002971.html
Document: Keying Framework
Comment type: T
Priority: 1
Section: 2.3.1 and
Rationale/Explanation of issue:
Pasi argues that it is only necessary to prevent computation of TEKs from TSKs and not the other way around. Jari argues that it is also useful to prevent computation of TEKs from MSK and EMSK. Preventing computation of MSKs from TSKs was also mentioned, but that may not fit what current link layers do (?).
Suggested correction: In 2.3.1, change
Similarly, TSKs MUST remain cryptographically separate from TEKs despite TEK rekeying or caching. This prevents TEK compromise from leading directly to compromise of the TSKs and vice versa.
=>
Similarly, it must not be possible to calculate TEKs from keys exported outside the EAP method. This prevents TSK compromise from leading directly to compromise of the TEKs.
In Section 6.4, change
In addition, the TSKs MUST be cryptographically separate from the TEKs.
=>
In addition, it MUST NOT be possible to calculate TEKs from MSK and EMSK. (From this it also follows that it is not possible to calculate TEKs from TSKs or AMSKs.)
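
The dependency argument behind the Section 6.4 wording, as an added example that is not part of the original message: a key hierarchy modelled as a one-way derivation graph, checked for which compromised keys make the TEK computable. The layout (TSKs derived from MSK, AMSKs from EMSK, every derivation one-way) and the name `method_secret` are assumptions of the example.

```python
# Added example: a key hierarchy as a one-way derivation graph.
# Each entry maps a derived key to the key it is computed from (assumed layout).
COMPLIANT = {
    "TEK": "method_secret",   # hypothetical name for the method-internal secret
    "MSK": "method_secret",
    "EMSK": "method_secret",
    "TSK": "MSK",
    "AMSK": "EMSK",
}
# Constructed flawed design: the method derives its TEK from the exported MSK.
FLAWED = dict(COMPLIANT, TEK="MSK")


def computable_from(hierarchy, compromised):
    """Return every key an attacker holding `compromised` can calculate.

    Derivations are one-way, so knowledge only flows from parent to child.
    """
    known = set(compromised)
    changed = True
    while changed:
        changed = False
        for child, parent in hierarchy.items():
            if parent in known and child not in known:
                known.add(child)
                changed = True
    return known


def tek_exposed_by(hierarchy, keys=("MSK", "EMSK", "TSK", "AMSK")):
    """List the keys whose compromise alone makes the TEK computable."""
    return [k for k in keys if "TEK" in computable_from(hierarchy, {k})]


if __name__ == "__main__":
    for name, h in (("compliant", COMPLIANT), ("flawed", FLAWED)):
        print(name, "TEK computable from:", tek_exposed_by(h) or "none")
```

A hierarchy that hangs the TEK off a TSK is reported as exposed by both the TSK and the MSK, which is why ruling out calculation from MSK and EMSK also covers TSKs and AMSKs.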