@techreport{wang-emu-fs-reauth-01, number = {draft-wang-emu-fs-reauth-01}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-wang-emu-fs-reauth/01/}, author = {Guilin WANG and Zander Lei}, title = {{Forward Secure Reauthentication in the Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA')}}, pagetotal = 9, year = 2026, month = jul, day = 6, abstract = {This draft specifies an update to RFC 9678, "Forward Secrecy Extension to the Improved Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' FS)", and its predecessors RFC 9048, RFC 5448, and RFC 4187. This update enables forward security of the Transient EAP Keys (TEKs) for protecting EAP packets, which are not in EAP-AKA' FS. Based on this extension, the executions of reauthentication after a full authentication will be unlinkable to each other and then the privacy of end users is enhanced. This update is optional to the above standards.}, }