Re: RE: Issue: EMSK transported to other parties?
From: Bernard Aboba (bernard_abobahotmail.com)
Date: Thu, 3 Nov 2005 19:18:17 -0500 (EST)
> I think it makes sense to have the KDF in the AAA server only when (1)
> such an entity resides in the same domain as the AAA server and (2)
> use of the AAA protocol for distributing application-specific keys to
> application-specific entities is assumed.  For other cases (i.e.,
> bootstrapping applications in a visiting domain or using a non-AAA
> protocol for distributing application-specific keys), it might be
> good to put the KDF in a separate entity from the AAA server.

How could an entity other than the EAP peer or server gain access to the EMSK in order to generate AMSKs? The EMSK cannot be transported, so only the EAP peer and server can have access to it. An entity must have access to the EMSK to apply a Key Distribution Function (KDF) to it in order to produce an AMSK. So therefore only the EAP peer and the EAP server can apply a KDF to the EMSK to produce AMSKs.


Of course, a KDF is just a cryptographic function, not anything magic, so any entity (EAP peer, authenticator, server) can call the function. They just can't use the EMSK as an input to it.
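As an added illustration of the point made in this message (example code, not from the original thread and not the derivation specified by any IETF document): the EAP peer and server each hold the EMSK and derive application keys from it with a KDF, an application entity receives only the derived AMSK, and calling the same KDF with that AMSK as input does not yield a sibling key. The counter-mode HMAC-SHA256 KDF, the labels and the context string are assumptions for this example.

```python
import hmac
import hashlib
import os


def kdf(key: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """Counter-mode HMAC-SHA256 KDF (constructed for this example).
    The function itself is public; what matters is whether the caller
    holds the EMSK to use as `key`."""
    out = b""
    counter = 1
    while len(out) < length:
        msg = (label + b"\x00" + context
               + counter.to_bytes(2, "big") + length.to_bytes(2, "big"))
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return out[:length]


class EapEndpoint:
    """Models either the EAP peer or the EAP server: both hold the EMSK,
    never transport it, and hand out only derived AMSKs."""

    def __init__(self, emsk: bytes):
        self._emsk = emsk  # never leaves this object

    def amsk_for(self, label: bytes, context: bytes, length: int = 64) -> bytes:
        return kdf(self._emsk, label, context, length)


def demo() -> bool:
    """Peer and server derive the same AMSK independently; a holder of one
    AMSK cannot derive a sibling AMSK because it lacks the EMSK input."""
    emsk = os.urandom(64)  # constructed: EMSK shared by peer and server after EAP
    peer, server = EapEndpoint(emsk), EapEndpoint(emsk)
    ctx = b"constructed-context"
    amsk_a = server.amsk_for(b"app-A", ctx)
    same_at_peer = peer.amsk_for(b"app-A", ctx) == amsk_a
    amsk_b = server.amsk_for(b"app-B", ctx)
    # An application entity given amsk_a can run the KDF, but only on amsk_a.
    guess_b = kdf(amsk_a, b"app-B", ctx, 64)
    return same_at_peer and amsk_a != amsk_b and guess_b != amsk_b


if __name__ == "__main__":
    print("keys separated:", demo())
```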