datatracker.ietf.org
Sign in
Version 5.9.0, 2014-12-18
Report a bug

Extensible Authentication Protocol (EAP) Password Authenticated Exchange
RFC 4746

Document type: RFC - Informational (November 2006; Errata)
Was draft-clancy-eap-pax (individual in sec area)
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 4746 (Informational)
Responsible AD: Russ Housley
Send notices to: waa@cs.umd.edu, clancy@ltsnet.net

Network Working Group                                          T. Clancy
Request for Comments: 4746                                           LTS
Category: Informational                                       W. Arbaugh
                                                                     UMD
                                                           November 2006

               Extensible Authentication Protocol (EAP)
                    Password Authenticated Exchange

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The IETF Trust (2006).

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document defines an Extensible Authentication Protocol (EAP)
   method called EAP-PAX (Password Authenticated eXchange).  This method
   is a lightweight shared-key authentication protocol with optional
   support for key provisioning, key management, identity protection,
   and authenticated data exchange.

Table of Contents

   1. Introduction ....................................................2
      1.1. Language Requirements ......................................3
      1.2. Terminology ................................................3
   2. Overview ........................................................5
      2.1. PAX_STD Protocol ...........................................6
      2.2. PAX_SEC Protocol ...........................................7
      2.3. Authenticated Data Exchange ................................9
      2.4. Key Derivation ............................................10
      2.5. Verification Requirements .................................11
      2.6. PAX Key Derivation Function ...............................12
   3. Protocol Specification .........................................13
      3.1. Header Specification ......................................13
           3.1.1. Op-Code ............................................13
           3.1.2. Flags ..............................................14

Clancy & Arbaugh             Informational                      [Page 1]
RFC 4746                        EAP-PAX                    November 2006

           3.1.3. MAC ID .............................................14
           3.1.4. DH Group ID ........................................14
           3.1.5. Public Key ID ......................................15
           3.1.6. Mandatory to Implement .............................15
      3.2. Payload Formatting ........................................16
      3.3. Authenticated Data Exchange (ADE) .........................18
      3.4. Integrity Check Value (ICV) ...............................19
   4. Security Considerations ........................................19
      4.1. Server Certificates .......................................20
      4.2. Server Security ...........................................20
      4.3. EAP Security Claims .......................................21
           4.3.1. Protected Ciphersuite Negotiation ..................21
           4.3.2. Mutual Authentication ..............................21
           4.3.3. Integrity Protection ...............................21
           4.3.4. Replay Protection ..................................21
           4.3.5. Confidentiality ....................................21
           4.3.6. Key Derivation .....................................21
           4.3.7. Key Strength .......................................22
           4.3.8. Dictionary Attack Resistance .......................22
           4.3.9. Fast Reconnect .....................................22
           4.3.10. Session Independence ..............................22
           4.3.11. Fragmentation .....................................23
           4.3.12. Channel Binding ...................................23
           4.3.13. Cryptographic Binding .............................23
           4.3.14. Negotiation Attack Prevention .....................23
   5. IANA Considerations ............................................23
   6. Acknowledgments ................................................24
   7. References .....................................................24
      7.1. Normative References ......................................24
      7.2. Informative References ....................................25
   Appendix A. Key Generation from Passwords ........................ 27
   Appendix B. Implementation Suggestions ........................... 27
     B.1. WiFi Enterprise Network ................................... 27
     B.2. Mobile Phone Network ...................................... 28

1.  Introduction

[include full document text]