RE: Issue: AAA Key Caching effectively prohibited?

From: Nakhjiri Madjid-MNAKHJI1 (Madjid.Nakhjiri
Date: Wed, 2 Nov 2005 13:10:33 -0500 (EST)

[Joe] Mostly I have reservations about caching the EMSK. The EMSK is the root of a hierarchy and if you can obtain that then all uses derived from it are compromised. Therefore it would be good to destroy it as soon as possible. AMSKs should be cryptographically independent and it should not be computationally feasible to get the EMSK from an AMSK.

Madjid>>You can prune the roots as much as you want, as long as there is something left that becomes the root for the tree. Bonsai Trees live for many, many years that way:) Joking aside, if you destroy the EMSK, keep AMSK, then AMSK becomes your most key and main source of vulnerability, so I am not sure what is achieved?

> All these services exist within a single lower layer, right?
> Presumably the lower layer knows that it will need these AMSKs, so it
> can ask the EAP layer for them.
>

[Joe] These are all different applications that in general don't know about one another, however the entity that is requesting the authentication (EAP Authenticator system) has an idea of what applications will be used. It could potentially deliver keys to multiple different applications/lower layers if necessary. The lower layer may be intimately involved in some aspects such as ciphering, but for others it may have no knowledge. There could be multiple lower layers or enhanced services provided by a lower layer that operate independently.

Madjid>>I like to at least initially assume that an application is authorized by the AAA server, and hence there is a level of mutual awareness here.
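
The trade-off debated in this message, as an added example that is not part of the original thread or of any EAP specification: AMSKs are derived per application from the EMSK with a one-way KDF, the EMSK is wiped once the AMSKs known to be needed are derived, and the cached AMSKs are then what remains to protect. The KDF (HKDF-Expand-style HMAC-SHA-256), the labels, the sample EMSK and the `KeyHolder` class are assumptions made for illustration.

```python
import hashlib
import hmac


def derive_amsk(emsk, app_label: str, length: int = 64) -> bytes:
    """Derive an application key from the EMSK (assumed KDF: HKDF-Expand
    style, HMAC-SHA-256). One-way: an AMSK does not reveal the EMSK, and
    distinct labels give unrelated keys."""
    info = b"AMSK|" + app_label.encode("utf-8")
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(emsk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


class KeyHolder:
    """Hypothetical holder of the key hierarchy on the party that ran EAP."""

    def __init__(self, emsk: bytes):
        self._emsk = bytearray(emsk)   # mutable so it can be overwritten
        self.amsks = {}                # cached AMSKs, keyed by application label

    def provision(self, app_labels):
        """Derive every AMSK known to be needed, then destroy the EMSK."""
        for label in app_labels:
            self.amsks[label] = derive_amsk(self._emsk, label)
        for i in range(len(self._emsk)):   # best-effort wipe; Python may
            self._emsk[i] = 0              # still hold internal copies
        self._emsk = None

    def derive_later(self, app_label: str) -> bytes:
        """A new application after the wipe needs a fresh authentication."""
        if self._emsk is None:
            raise RuntimeError("EMSK destroyed: re-authenticate to get new AMSKs")
        return derive_amsk(self._emsk, app_label)


# Constructed sample input: a 64-byte EMSK and two made-up application labels.
SAMPLE_EMSK = bytes(range(64))
SAMPLE_LABELS = ["handover@example", "mobility@example"]


def demo() -> KeyHolder:
    holder = KeyHolder(SAMPLE_EMSK)
    holder.provision(SAMPLE_LABELS)
    return holder
```

After `provision`, compromise of one cached AMSK exposes only that application, but each cached AMSK is now a long-lived secret in its own right.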