RE: Strawman -10/EMSK deletion requirement?

From: Nakhjiri Madjid-MNAKHJI1 (Madjid.Nakhjiri
Date: Mon, 6 Mar 2006 15:38:37 -0800 (PST)

-----Original Message-----
From: Salowey, Joe [mailto:jsalowey [at] cisco.com]
Sent: Monday, March 06, 2006 12:06 PM
To: Nakhjiri Madjid-MNAKHJI1; Rafa Marin Lopez; Bernard Aboba
Cc: eap [at] frascone.com
Subject: RE: [eap] Strawman -10/EMSK deletion requirement?

> Madjid>>I guess the number of people who are not sure about the definition
> of AAA layer is more than one :)
> Joking aside, what is your reason for not making EMSK available to the
> lower layer, while doing so for MSK is ok? What is the fundamental
> difference?
>
> [Joe] If you pass the EMSK to the lower layer it becomes effectively the
> same as the MSK. If you want to use the EMSK to key an independent
> application that uses a different authenticator, the security of that
> application becomes completely dependent upon the lower layer and its
> authenticator.

Madjid>>I am not transporting the EMSK anywhere. I thought that was a main distinction. Well, the role of authenticator may be not as relevant as the role of the AAA server in keying for an application. Authenticator is just a pass-through for EAP; the applications don't have to get their keys from the authenticator.

> > In both cases we require deletion of EMSK after generation of AMSK,
> > why?
>
> [Joe] To minimize the chance of exposure of the EMSK. Why do you need
> to cache it? Could you generate and cache an AMSK instead?
>
> Madjid>>because a priori I cannot know how many AMSKs I may
> need later.
> An application may pop up later that needs keying or I move to a
> different domain that may require a new AMSK, but I cannot anticipate
> the move ahead of time...
>
> [Joe] A different application I may understand, although it seems the
> system typically knows the applications that are in use. If you don't,
> I'm not sure how you can authorize the distribution of keys. For the
> handoff case consider deriving a Handoff AMSK from the EMSK. This
> handoff AMSK becomes the root of all keys used for handoff. When you
> move you derive a key from the handoff AMSK.

Madjid>>Well today, you run one EAP every time you need keys for a protocol (MIPv6 or something else, SIP, I don't know). Do you know exactly at the start how many protocols you want to key for? Do you want to run a new EAP every time you find out? For handover, yes HO-AMSK is a good solution, if you own the whole network, I don't know what sort of requirements people will have moving to another operator network??
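The key hierarchy Joe sketches above (derive application AMSKs and a Handoff AMSK from the EMSK, then delete the EMSK) and the trade-off Madjid raises (keying an application that only shows up later), as an added Python example that is not part of this thread. The HMAC-SHA256 counter-mode KDF, the labels, the constructed EMSK and the KeyHolder class are assumptions of this example, not the EAP keying framework's own derivation.

```python
import hashlib
import hmac
from typing import Dict, List, Optional

# Constructed 64-byte EMSK standing in for what an EAP method would export.
EMSK = hashlib.sha512(b"constructed EMSK for illustration only").digest()


def kdf(root: bytes, label: bytes, context: bytes = b"", length: int = 64) -> bytes:
    """HMAC-SHA256 counter-mode KDF. Assumed for this example; not the
    derivation the EAP keying framework itself specifies."""
    out = b""
    counter = 1
    while len(out) < length:
        msg = label + b"\x00" + context + bytes([counter])
        out += hmac.new(root, msg, hashlib.sha256).digest()
        counter += 1
    return out[:length]


class KeyHolder:
    """Derives application root keys from the EMSK, then deletes the EMSK
    unless keep_emsk is set (the caching Madjid argues for)."""

    def __init__(self, emsk: bytes, applications: List[str], keep_emsk: bool = False) -> None:
        self.amsk: Dict[str, bytes] = {app: kdf(emsk, b"AMSK", app.encode()) for app in applications}
        # Handoff root per Joe's suggestion: per-move keys hang off this key,
        # so a move never needs the EMSK again.
        self.handoff_amsk = kdf(emsk, b"HO-AMSK")
        self.emsk: Optional[bytes] = emsk if keep_emsk else None  # deletion requirement

    def handoff_key(self, target_domain: str) -> bytes:
        """Key for a move to target_domain, derived from the handoff root only."""
        return kdf(self.handoff_amsk, b"HO-key", target_domain.encode())

    def add_application(self, app: str) -> bytes:
        """Keying an application that appears after EAP ran: only possible
        while the EMSK is still cached; otherwise a fresh EAP run is needed."""
        if self.emsk is None:
            raise RuntimeError("EMSK deleted; a new EAP run is needed to key " + app)
        self.amsk[app] = kdf(self.emsk, b"AMSK", app.encode())
        return self.amsk[app]


if __name__ == "__main__":
    holder = KeyHolder(EMSK, ["MIPv6"])
    print("EMSK retained:", holder.emsk is not None)
    print("handoff key for operator-b:", holder.handoff_key("operator-b").hex()[:32])
```

With the EMSK deleted, a move to a new domain still gets a fresh key from the Handoff AMSK, but a new application cannot be keyed without another EAP run; with keep_emsk=True it can, at the cost of the longer-lived EMSK exposure Joe objects to.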