Shared Secret Key update for RADIUS Accounting
draft-park-radext-ssk-update-02
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | ddukki86@ssu.ac.kr , Souhwan Jung , Seung Wook Jung | ||
| Last updated | 2015-01-04 (Latest revision 2014-07-03) | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
There is a shared secret key in the existing method to authenticate RADIUS accounting messages between the RADIUS server and the access point. If this key is exposed, the attacker can utilize this key to operate the Rogue AP as a normal AP. In this case, a problem arises regarding to the creation of forged user accounting information and transmission to the RADIUS Server. Furthermore, there is some inconvenience for the administrators because each server and AP have to be accessed directly to configure the SSK. This draft proposes the technique for periodic updates of the shared secret key by the RADIUS server to resolve this problem.
Authors
ddukki86@ssu.ac.kr
Souhwan Jung
Seung Wook Jung
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)