Internet-Draft draft-ietf-emu-aka-pfs-12.txt is now available. It is a work
item of the EAP Method Update (EMU) WG of the IETF.
Title: Forward Secrecy for the Extensible Authentication Protocol Method
for Authentication and Key Agreement (EAP-AKA' FS)
Authors: Jari Arkko
Karl Norrman
John Preuß Mattsson
Name: draft-ietf-emu-aka-pfs-12.txt
Pages: 34
Dates: 2024-02-19
Abstract:
This document updates RFC 9048, the improved Extensible
Authentication Protocol Method for 3GPP Mobile Network Authentication
and Key Agreement (EAP-AKA'), with an optional extension providing
ephemeral key exchange. Similarly, this document also updates the
earlier version of the EAP-AKA' specification in RFC 5448. The
extension EAP-AKA' Forward Secrecy (EAP-AKA' FS), when negotiated,
provides forward secrecy for the session keys generated as a part of
the authentication run in EAP-AKA'. This prevents an attacker who
has gained access to the long-term key from obtaining session keys
established in the past, assuming these have been properly deleted.
In addition, EAP-AKA' FS mitigates passive attacks (e.g., large scale
pervasive monitoring) against future sessions. This forces attackers
to use active attacks instead.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-emu-aka-pfs/
There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-emu-aka-pfs-12
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-emu-aka-pfs-12
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
