| Re: Issue: exagerate claim in appendix C & B of eap-keying about EAP-TLS | <– Date –> <– Thread –> |
From: Jari Arkko (jari.arkko piuha.net)
|
|
| Date: Sun, 20 Feb 2005 15:43:42 -0500 (EST) | |
Florent Bersani wrote:
Yes.
This would work for me.
--Jari
Appendix C claims that EAP-TLS RFC 2716 is very explicit on its key derivation:
"As described in [RFC2716], the formula for the derivation of the MSK, EMSK and IV from the MK is as follows:
MSK = TLS-PRF-64(MK, "client EAP encryption", client.random || server.random) EMSK = second 64 octets of: TLS-PRF-128(MK, "client EAP encryption", client.random || server.random) IV = TLS-PRF-64("", "client EAP encryption", client.random || server.random)"
How, I find section 3.5 of RFC 2716 less straight-forward. In particular, there is no occurrence in RFC 2716 of MSK nor any of EMSK
Yes.
Requested change
Either write an update of RFC 2716 that makes things more precise on its key derivation part
Or make things more honest in eap-keying by saying sth like:
"The key derivation scheme specified in RFC 2716 that was specified prior to the introduction of the terminology MSK and EMSK MUST be interpreted as follows:
MSK = TLS-PRF-64(MK, "client EAP encryption",
client.random || server.random)
EMSK = second 64 octets of:
TLS-PRF-128(MK, "client EAP encryption",
client.random || server.random)
IV = TLS-PRF-64("", "client EAP encryption",
client.random || server.random)"
This would work for me.
--Jari
-
Issue: exagerate claim in appendix C & B of eap-keying about EAP-TLS Florent Bersani, October 6 2004
- Re: Issue: exagerate claim in appendix C & B of eap-keying about EAP-TLS Jari Arkko, February 20 2005
- Re: Issue: exagerate claim in appendix C & B of eap-keying about EAP-TLS Jari Arkko, February 20 2005
Results generated by Tiger Technologies using MHonArc.