Extensible Authentication Protocol (EAP) Key Management Framework
RFC 5247

 
Document Type RFC - Proposed Standard (August 2008; Errata)
Updates RFC 3748
Last updated 2013-03-02
Replaces draft-aboba-pppext-key-problem
Stream IETF
Formats plain text pdf html
Stream WG state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 5247 (Proposed Standard)
Telechat date
Responsible AD Jari Arkko
Send notices to eap-chairs@ietf.org,dansimon@microsoft.com,pasi.eronen@nokia.com,henrik@levkowetz.com
Network Working Group                                           B. Aboba
Request for Comments: 5247                                      D. Simon
Updates: 3748                                      Microsoft Corporation
Category: Standards Track                                      P. Eronen
                                                                   Nokia
                                                             August 2008

   Extensible Authentication Protocol (EAP) Key Management Framework

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Abstract

   The Extensible Authentication Protocol (EAP), defined in RFC 3748,
   enables extensible network access authentication.  This document
   specifies the EAP key hierarchy and provides a framework for the
   transport and usage of keying material and parameters generated by
   EAP authentication algorithms, known as "methods".  It also provides
   a detailed system-level security analysis, describing the conditions
   under which the key management guidelines described in RFC 4962 can
   be satisfied.

Aboba, et al.               Standards Track                     [Page 1]
RFC 5247              EAP Key Management Framework           August 2008

Table of Contents

   1. Introduction ....................................................3
      1.1. Requirements Language ......................................3
      1.2. Terminology ................................................3
      1.3. Overview ...................................................7
      1.4. EAP Key Hierarchy .........................................10
      1.5. Security Goals ............................................15
      1.6. EAP Invariants ............................................16
   2. Lower-Layer Operation ..........................................20
      2.1. Transient Session Keys ....................................20
      2.2. Authenticator and Peer Architecture .......................22
      2.3. Authenticator Identification ..............................23
      2.4. Peer Identification .......................................27
      2.5. Server Identification .....................................29
   3. Security Association Management ................................31
      3.1. Secure Association Protocol ...............................32
      3.2. Key Scope .................................................35
      3.3. Parent-Child Relationships ................................35
      3.4. Local Key Lifetimes .......................................37
      3.5. Exported and Calculated Key Lifetimes .....................37
      3.6. Key Cache Synchronization .................................40
      3.7. Key Strength ..............................................40
      3.8. Key Wrap ..................................................41
   4. Handoff Vulnerabilities ........................................41
      4.1. EAP Pre-Authentication ....................................43
      4.2. Proactive Key Distribution ................................44
      4.3. AAA Bypass ................................................46
   5. Security Considerations ........................................50
      5.1. Peer and Authenticator Compromise .........................51
      5.2. Cryptographic Negotiation .................................53
      5.3. Confidentiality and Authentication ........................54
      5.4. Key Binding ...............................................59
      5.5. Authorization .............................................60
      5.6. Replay Protection .........................................63
      5.7. Key Freshness .............................................64
      5.8. Key Scope Limitation ......................................66
      5.9. Key Naming ................................................66
      5.10. Denial-of-Service Attacks ................................67
   6. References .....................................................68
      6.1. Normative References ......................................68
      6.2. Informative References ....................................68
   Acknowledgments ...................................................74
   Appendix A - Exported Parameters in Existing Methods ..............75

Aboba, et al.               Standards Track                     [Page 2]
RFC 5247              EAP Key Management Framework           August 2008

1.  Introduction
Show full document text