Network Working Group B. Aboba
Request for Comments: 5247 D. Simon
Updates: 3748 Microsoft Corporation
Category: Standards Track P. Eronen
Nokia
August 2008
Extensible Authentication Protocol (EAP) Key Management Framework
Status of This Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Abstract
The Extensible Authentication Protocol (EAP), defined in RFC 3748,
enables extensible network access authentication. This document
specifies the EAP key hierarchy and provides a framework for the
transport and usage of keying material and parameters generated by
EAP authentication algorithms, known as "methods". It also provides
a detailed system-level security analysis, describing the conditions
under which the key management guidelines described in RFC 4962 can
be satisfied.
Aboba, et al. Standards Track [Page 1]
RFC 5247 EAP Key Management Framework August 2008
Table of Contents
1. Introduction ....................................................3
1.1. Requirements Language ......................................3
1.2. Terminology ................................................3
1.3. Overview ...................................................7
1.4. EAP Key Hierarchy .........................................10
1.5. Security Goals ............................................15
1.6. EAP Invariants ............................................16
2. Lower-Layer Operation ..........................................20
2.1. Transient Session Keys ....................................20
2.2. Authenticator and Peer Architecture .......................22
2.3. Authenticator Identification ..............................23
2.4. Peer Identification .......................................27
2.5. Server Identification .....................................29
3. Security Association Management ................................31
3.1. Secure Association Protocol ...............................32
3.2. Key Scope .................................................35
3.3. Parent-Child Relationships ................................35
3.4. Local Key Lifetimes .......................................37
3.5. Exported and Calculated Key Lifetimes .....................37
3.6. Key Cache Synchronization .................................40
3.7. Key Strength ..............................................40
3.8. Key Wrap ..................................................41
4. Handoff Vulnerabilities ........................................41
4.1. EAP Pre-Authentication ....................................43
4.2. Proactive Key Distribution ................................44
4.3. AAA Bypass ................................................46
5. Security Considerations ........................................50
5.1. Peer and Authenticator Compromise .........................51
5.2. Cryptographic Negotiation .................................53
5.3. Confidentiality and Authentication ........................54
5.4. Key Binding ...............................................59
5.5. Authorization .............................................60
5.6. Replay Protection .........................................63
5.7. Key Freshness .............................................64
5.8. Key Scope Limitation ......................................66
5.9. Key Naming ................................................66
5.10. Denial-of-Service Attacks ................................67
6. References .....................................................68
6.1. Normative References ......................................68
6.2. Informative References ....................................68
Acknowledgments ...................................................74
Appendix A - Exported Parameters in Existing Methods ..............75
1. Introduction
The Extensible Authentication Protocol (EAP), defined in [RFC3748],
was designed to enable extensible authentication for network access
in situations in which the Internet Protocol (IP) protocol is not
available. Originally developed for use with Point-to-Point Protocol
(PPP) [RFC1661], it has subsequently also been applied to IEEE 802
wired networks [IEEE-802.1X], Internet Key Exchange Protocol version
2 (IKEv2) [RFC4306], and wireless networks such as [IEEE-802.11] and
[IEEE-802.16e].
EAP is a two-party protocol spoken between the EAP peer and server.
Within EAP, keying material is generated by EAP authentication
algorithms, known as "methods". Part of this keying material can be
used by EAP methods themselves, and part of this material can be
exported. In addition to the export of keying material, EAP methods
can also export associated parameters such as authenticated peer and
server identities and a unique EAP conversation identifier, and can
import and export lower-layer parameters known as "channel binding
parameters", or simply "channel bindings".
This document specifies the EAP key hierarchy and provides a
framework for the transport and usage of keying material and
parameters generated by EAP methods. It also provides a detailed
security analysis, describing the conditions under which the
requirements described in "Guidance for Authentication,
Authorization, and Accounting (AAA) Key Management" [RFC4962] can be
satisfied.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
1.2. Terminology
The terms "Cryptographic binding", "Cryptographic separation", "Key
strength" and "Mutual authentication" are defined in [RFC3748] and
are used with the same meaning in this document, which also
frequently uses the following terms:
4-Way Handshake
A pairwise Authentication and Key Management Protocol (AKMP)
defined in [IEEE-802.11], which confirms mutual possession of a
Pairwise Master Key by two parties and distributes a Group Key.
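The following is an added illustration, not text or code from this RFC or from the IEEE 802.11 specification: a simplified model of the key-confirmation part of a 4-Way-Handshake-style AKMP. Two parties that already share a Pairwise Master Key (PMK) exchange nonces, each expands the PMK into a Pairwise Transient Key (PTK) bound to both nonces and both addresses, and each proves possession of the PMK by authenticating a message with the derived key-confirmation key. The KDF construction, the key sizes, the message layout and the labels `msg2`/`msg3`/`msg4ack` are assumptions chosen for clarity; the Group Key distribution (carried under the key-encryption key in message 3) is omitted.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Optional

# Assumed sizes for the three PTK components (not IEEE 802.11's values).
KCK_LEN = 16  # key confirmation key: authenticates handshake messages
KEK_LEN = 16  # key encryption key: would wrap the Group Key (not shown here)
TK_LEN = 16   # temporal key: protects data traffic once the handshake succeeds


def derive_ptk(pmk: bytes, addr_a: bytes, addr_b: bytes,
               nonce_a: bytes, nonce_b: bytes) -> dict:
    """Expand the PMK into a PTK bound to both parties and both nonces.

    Assumed construction: HMAC-SHA256 in counter mode. Inputs are ordered
    so both sides build the same context whatever their role.
    """
    context = (b"pairwise key expansion"
               + min(addr_a, addr_b) + max(addr_a, addr_b)
               + min(nonce_a, nonce_b) + max(nonce_a, nonce_b))
    out = b""
    counter = 0
    while len(out) < KCK_LEN + KEK_LEN + TK_LEN:
        out += hmac.new(pmk, context + bytes([counter]), hashlib.sha256).digest()
        counter += 1
    return {
        "kck": out[:KCK_LEN],
        "kek": out[KCK_LEN:KCK_LEN + KEK_LEN],
        "tk": out[KCK_LEN + KEK_LEN:KCK_LEN + KEK_LEN + TK_LEN],
    }


def mic(kck: bytes, msg: bytes) -> bytes:
    """Message integrity code over a handshake message (truncated HMAC)."""
    return hmac.new(kck, msg, hashlib.sha256).digest()[:16]


@dataclass
class Party:
    name: str
    addr: bytes          # constructed link-layer identity
    pmk: bytes           # what the EAP exchange left this party with
    nonce: bytes = b""
    ptk: Optional[dict] = field(default=None)


def run_handshake(auth: Party, supp: Party) -> dict:
    """Drive the four messages. Returns {"ok": True, "tk": ...} when both
    parties proved possession of the same PMK, otherwise the message at
    which verification failed."""
    # Message 1 (authenticator -> supplicant): ANonce only; the supplicant
    # has no PTK yet, so nothing can be authenticated at this point.
    auth.nonce = os.urandom(32)
    supp.nonce = os.urandom(32)
    supp.ptk = derive_ptk(supp.pmk, auth.addr, supp.addr, auth.nonce, supp.nonce)

    # Message 2 (supplicant -> authenticator): SNonce plus a MIC under the
    # supplicant's KCK. A valid MIC shows the supplicant holds the PMK.
    msg2 = (supp.nonce, mic(supp.ptk["kck"], b"msg2" + supp.nonce))
    auth.ptk = derive_ptk(auth.pmk, auth.addr, supp.addr, auth.nonce, msg2[0])
    if not hmac.compare_digest(mic(auth.ptk["kck"], b"msg2" + msg2[0]), msg2[1]):
        return {"ok": False, "failed_at": 2}

    # Message 3 (authenticator -> supplicant): install instruction with a MIC
    # under the authenticator's KCK, proving the authenticator holds the PMK.
    msg3 = (b"install", mic(auth.ptk["kck"], b"msg3install"))
    if not hmac.compare_digest(mic(supp.ptk["kck"], b"msg3" + msg3[0]), msg3[1]):
        return {"ok": False, "failed_at": 3}

    # Message 4 (supplicant -> authenticator): authenticated acknowledgement.
    msg4 = (b"ack", mic(supp.ptk["kck"], b"msg4ack"))
    if not hmac.compare_digest(mic(auth.ptk["kck"], b"msg4" + msg4[0]), msg4[1]):
        return {"ok": False, "failed_at": 4}

    return {"ok": True, "tk": auth.ptk["tk"], "peer_tk": supp.ptk["tk"]}


if __name__ == "__main__":
    shared = os.urandom(32)  # constructed PMK, as if exported from EAP
    ap = Party("authenticator", b"\x00\x11\x22\x33\x44\x55", shared)
    sta = Party("supplicant", b"\x66\x77\x88\x99\xaa\xbb", shared)
    print(run_handshake(ap, sta)["ok"])
```

Because fresh nonces enter the PTK derivation, two successful runs with the same PMK yield different temporal keys, which is the key-freshness property the handshake is meant to deliver; a party holding a different PMK fails at message 2, before any key is installed.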
AAA Authentication, Authorization, and Accounting
AAA protocols with EAP support include "RADIUS Support for EAP"
[RFC3579] and "Diameter EAP Application" [RFC4072]. In this
document, the terms "AAA server" and "backend authentication
server" are used interchangeably.
AAA-Key
The term AAA-Key is synonymous with Master Session Key (MSK).
Since multiple keys can be transported by AAA, the term is
potentially confusing and is not used in this document.
Authenticator
The entity initiating EAP authentication.
Backend Authentication Server
A backend authentication server is an entity that provides an
authentication service to an authenticator. When used, this