%% You should probably cite rfc9048 instead of this I-D. @techreport{ietf-emu-rfc5448bis-00, number = {draft-ietf-emu-rfc5448bis-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-emu-rfc5448bis/00/}, author = {Jari Arkko and Vesa Lehtovirta and Vesa Torvinen and Pasi Eronen}, title = {{Improved Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA')}}, pagetotal = 33, year = 2018, month = jun, day = 25, abstract = {This specification defines a new EAP method, EAP-AKA', a small revision of the EAP-AKA method. The change is a new key derivation function that binds the keys derived within the method to the name of the access network. The new key derivation mechanism has been defined in the 3rd Generation Partnership Project (3GPP). This specification allows its use in EAP in an interoperable manner. In addition, EAP-AKA' employs SHA-256 instead of SHA-1. This specification also updates RFC 4187 EAP-AKA to prevent bidding down attacks from EAP-AKA'. This version of the EAP-AKA' specification updates a reference to constructing one field in the protocol, so that EAP-AKA' becomes compatible with 5G deployments as well.}, }