EAP Key Management Framework (FYI)

From: t . otto (t.otto
Date: Fri, 26 Aug 2005 08:31:46 -0400 (EDT)
In http://www.drizzle.com/~aboba/EAP/draft-ietf-eap-keying-08.txt, we have

[Figure 1: EAP Parameter Import/Export. Local to the EAP method: EAP Method Key Derivation <-> Long-Term Credential, feeding TEK Derivation, MSK/EMSK Derivation and IV Derivation. Exported by the EAP method: Peer-ID, Server-ID, Method-ID, Key-Lifetime; Channel Bindings & Result; MSK (64+B), EMSK (64+B); IV (64B).]

The non-public IV is derived from the secret keying material. In NIST SP 800-56, however, one finds in section 5.8, Key Derivation Functions, that "the output from a KDF shall only be used for secret keying material, such as a symmetric key used for data encryption or message integrity, [...] Non-secret keying material (such as a non-secret initialization vector) shall not be generated using the shared secret".

I am not sure; shouldn't the EAP key management better comply with NIST recommendations?

/Thomas
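The point of the post is a layout question: in Figure 1 the IV derivation sits next to the MSK/EMSK derivation and is fed from the same secret, while the quoted SP 800-56 sentence wants KDF output spent on secret keying material only. The following Python is an added illustration, not code from the draft, the post, or any EAP implementation. It swaps in HKDF (RFC 5869, implemented inline over SHA-256) for the method-specific key derivation the draft leaves to each EAP method, takes only the 64-byte sizes from the figure, and labels the "SP 800-56 style" variant as one reading of the quoted sentence: same MSK/EMSK, but the IV comes from a source that never sees the shared secret. All secrets, contexts and nonces are constructed values.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256

# Sizes from the draft's Figure 1: MSK and EMSK are at least 64 bytes, the IV is 64 bytes.
MSK_LEN = 64
EMSK_LEN = 64
IV_LEN = 64


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC(PRK, T(i-1) || info || i), concatenated to `length` bytes."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def derive_figure1_style(method_secret: bytes, context: bytes) -> dict:
    """Layout of Figure 1: MSK, EMSK *and* IV all come out of the method's key
    derivation, so the IV is a deterministic function of the secret.
    (HKDF is an assumption standing in for the method's own KDF.)"""
    prk = hkdf_extract(b"", method_secret)
    stream = hkdf_expand(prk, b"eap method keying" + context, MSK_LEN + EMSK_LEN + IV_LEN)
    return {
        "msk": stream[:MSK_LEN],
        "emsk": stream[MSK_LEN:MSK_LEN + EMSK_LEN],
        "iv": stream[MSK_LEN + EMSK_LEN:],
    }


def derive_sp80056_style(method_secret: bytes, context: bytes, iv_source=os.urandom) -> dict:
    """One reading of SP 800-56 section 5.8: the KDF output is spent on secret
    keying material only; the non-secret IV is obtained without the shared secret."""
    prk = hkdf_extract(b"", method_secret)
    stream = hkdf_expand(prk, b"eap method keying" + context, MSK_LEN + EMSK_LEN)
    return {
        "msk": stream[:MSK_LEN],
        "emsk": stream[MSK_LEN:],
        "iv": iv_source(IV_LEN),
    }


def public_nonce_iv(length: int) -> bytes:
    """Constructed stand-in for an IV carried in the clear: it depends on a public
    nonce only, never on the secret, and is fixed here so results are repeatable."""
    return hashlib.sha512(b"constructed public nonce").digest()[:length]


def iv_depends_on_secret(derive, context: bytes = b"constructed session context") -> bool:
    """Derive under two different (constructed) secrets and report whether the
    IV changed. A secret-dependent IV is exactly what the post questions."""
    a = derive(b"constructed method secret A", context)
    b = derive(b"constructed method secret B", context)
    return a["iv"] != b["iv"]


if __name__ == "__main__":
    nist = lambda s, c: derive_sp80056_style(s, c, public_nonce_iv)
    print("Figure 1 layout, IV tied to secret:", iv_depends_on_secret(derive_figure1_style))  # True
    print("SP 800-56 layout, IV tied to secret:", iv_depends_on_secret(nist))                 # False
```

Because HKDF-Expand output is prefix-consistent, both variants yield byte-identical MSK and EMSK; the only thing that moves is where the 64 IV bytes come from. In a deployment the `iv_source` would be the peer's CSPRNG (`os.urandom`) or a nonce already exchanged in the clear, which is what makes the IV non-secret in the SP 800-56 sense.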
Thread:
- EAP Key Management Framework (FYI), t . otto, August 26 2005
- Re: EAP Key Management Framework (FYI), Jari Arkko, August 26 2005