List Info

Thread: Strawman -10/EMSK deletion requirement?
Strawman -10/EMSK deletion requirement?
user name
 2006-03-06 23:38:35 
 

-----Original Message-----
From: Salowey, Joe [mailto:jsaloweycisco.com] 
Sent: Monday, March 06, 2006 12:06 PM
To: Nakhjiri Madjid-MNAKHJI1; Rafa Marin Lopez; Bernard
Aboba
Cc: eapfrascone.com
Subject: RE: [eap] Strawman -10/EMSK deletion requirement?

 
> Madjid>>I guess the number of people who are not
sure about definition
> of AAA layer is more than one 
> Joking aside, what is your reason what not making EMSK
available to 
> lower layer, while doing so for MSK is ok? What is the
fundamental 
> difference.
> > 
[Joe] If you pass the EMSK to the lower layer it becomes
effectively the
same as the MSK.  If you want use the EMSK to key an
independent
application that uses a different authenticator the security
of that
application becomes completely dependent upon the lower
layer its
authenticator.  

Madjid>>I am not transporting the EMSK anywhere. I
thought that was a
main distinction.
Well, the role of authenticator may be not as relevant as
the role of
the AAA server in keying for an application. Authenticator
is just a
pass-through for EAP, the applications don't have to get
their keys from
the authenticator.


> > In both cases we require deletion of EMSK after
generation of AMSK, 
> > why?
> > 
> [Joe] To minimize the chance of exposure of the EMSK. 
Why do you need

> to cache it? Could you generate and cache an AMSK
instead?
> 
> Madjid>>because a priori I cannot know how many
AMSKs I may
> need later.
> An application may pop up later that needs keying or I
move to a 
> different domain that may require a new AMSK, but I
cannot anticipate 
> the move ahead of time...
> 
[Joe] A different application I may understand although it
seems the
system typically knows the applications that are in use.  If
you don't
I'm not sure how can authorize the distribution of keys. 
For the
handoff case consider deriving an Handoff AMSK from the
EMSK.  This
handoff AMSK becomes the root of all keys used for handoff.
When you
move you derive a key from the handoff AMSK. 

Madjid>>Well today, you run one EAP every time you
need keys for a
protocol (MIPv6 or something else, SIP, I don't know). Do
you know
exactly at the start how many protocols you want to key for?
Do you want
to run a new EAP every time you find out?
For handover, yes HO-AMSK is a good solution, if you own the
whole
network, I don't know what sort of requirements people will
have moving
to another operator network??

____________________________________________________________
_____
To unsubscribe or modify your subscription options, please
visit:
http:/
/lists.frascone.com/mailman/listinfo/eap

Arhives: http://lists.
frascone.com/pipermail/eap
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )