Extensible Authentication Protocol (EAP) Key Management Framework
RFC 5247
| Document | Type |
RFC - Proposed Standard
(August 2008; Errata)
Updated by RFC 8940
Updates RFC 3748
Was draft-ietf-eap-keying (eap WG)
|
|
|---|---|---|---|
| Authors | Daniel Simon , Bernard Aboba , Pasi Eronen | ||
| Last updated | 2015-10-14 | ||
| Replaces | draft-aboba-pppext-key-problem | ||
| Stream | IETF | ||
| Formats | plain text html pdf htmlized bibtex | ||
| Reviews | |||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 5247 (Proposed Standard) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Jari Arkko | ||
| Send notices to | dansimon@microsoft.com, henrik@levkowetz.com | ||
Network Working Group B. Aboba
Request for Comments: 5247 D. Simon
Updates: 3748 Microsoft Corporation
Category: Standards Track P. Eronen
Nokia
August 2008
Extensible Authentication Protocol (EAP) Key Management Framework
Status of This Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Abstract
The Extensible Authentication Protocol (EAP), defined in RFC 3748,
enables extensible network access authentication. This document
specifies the EAP key hierarchy and provides a framework for the
transport and usage of keying material and parameters generated by
EAP authentication algorithms, known as "methods". It also provides
a detailed system-level security analysis, describing the conditions
under which the key management guidelines described in RFC 4962 can
be satisfied.
Aboba, et al. Standards Track [Page 1]
RFC 5247 EAP Key Management Framework August 2008
Table of Contents
1. Introduction ....................................................3
1.1. Requirements Language ......................................3
1.2. Terminology ................................................3
1.3. Overview ...................................................7
1.4. EAP Key Hierarchy .........................................10
1.5. Security Goals ............................................15
1.6. EAP Invariants ............................................16
2. Lower-Layer Operation ..........................................20
2.1. Transient Session Keys ....................................20
2.2. Authenticator and Peer Architecture .......................22
2.3. Authenticator Identification ..............................23
2.4. Peer Identification .......................................27
2.5. Server Identification .....................................29
3. Security Association Management ................................31
3.1. Secure Association Protocol ...............................32
3.2. Key Scope .................................................35
3.3. Parent-Child Relationships ................................35
3.4. Local Key Lifetimes .......................................37
3.5. Exported and Calculated Key Lifetimes .....................37
3.6. Key Cache Synchronization .................................40
3.7. Key Strength ..............................................40
3.8. Key Wrap ..................................................41
4. Handoff Vulnerabilities ........................................41
4.1. EAP Pre-Authentication ....................................43
4.2. Proactive Key Distribution ................................44
4.3. AAA Bypass ................................................46
5. Security Considerations ........................................50
5.1. Peer and Authenticator Compromise .........................51
5.2. Cryptographic Negotiation .................................53
5.3. Confidentiality and Authentication ........................54
5.4. Key Binding ...............................................59
5.5. Authorization .............................................60
5.6. Replay Protection .........................................63
5.7. Key Freshness .............................................64
5.8. Key Scope Limitation ......................................66
5.9. Key Naming ................................................66
5.10. Denial-of-Service Attacks ................................67
6. References .....................................................68
6.1. Normative References ......................................68
6.2. Informative References ....................................68
Acknowledgments ...................................................74
Appendix A - Exported Parameters in Existing Methods ..............75
Aboba, et al. Standards Track [Page 2]
RFC 5247 EAP Key Management Framework August 2008
1. Introduction
The Extensible Authentication Protocol (EAP), defined in [RFC3748],
was designed to enable extensible authentication for network access
in situations in which the Internet Protocol (IP) protocol is not
Show full document text