[Emu] I-D Action: draft-ietf-emu-aka-pfs-01.txt

2019-11-04 Thread internet-drafts


A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the EAP Method Update WG of the IETF.

Title   : Perfect-Forward Secrecy for the Extensible 
Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' 
PFS)
Authors : Jari Arkko
  Karl Norrman
  Vesa Torvinen
Filename: draft-ietf-emu-aka-pfs-01.txt
Pages   : 25
Date: 2019-11-04

Abstract:
   Many different attacks have been reported as part of revelations
   associated with pervasive surveillance.  Some of the reported attacks
   involved compromising smart cards, such as attacking SIM card
   manufacturers and operators in an effort to compromise shared secrets
   stored on these cards.  Since the publication of those reports,
   manufacturing and provisioning processes have gained much scrutiny
   and have improved.  However, the danger of resourceful attackers for
   these systems is still a concern.

   This specification is an optional extension to the EAP-AKA'
   authentication method which was defined in RFC 5448 (to be superseded
   by draft-ietf-emu-rfc5448bis).  The extension, when negotiated,
   provides Perfect Forward Secrecy for the session key generated as a
   part of the authentication run in EAP-AKA'.  This prevents an
   attacker who has gained access to the long-term pre-shared secret in
   a SIM card from being able to decrypt all past communications.  In
   addition, if the attacker stays merely a passive eavesdropper, the
   extension prevents attacks against future sessions.  This forces
   attackers to use active attacks instead.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-emu-aka-pfs/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-emu-aka-pfs-01
https://datatracker.ietf.org/doc/html/draft-ietf-emu-aka-pfs-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-aka-pfs-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

___
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu


Re: [Emu] POST WGLC Comments draft-ietf-emu-eap-tls13

2019-11-04 Thread Alan DeKok
  After checking the draft again, Section 2.1.4 does have comments about 
anonymizing the NAI.  But those comments are limited to NAIs derived from 
certificates.

  I think that the text needs to be expanded to make the recommendations more 
genetic, and clearer.  I hope that my previous message clarified some of the 
issues here.

  I would like to see some discussion of these topics in the draft.  I don't 
think it's clear enough that the EAP Identity should always be "@realm", and 
there is no discussion on EAP Identity and resumption.

  I would suggest a new section called "Identities".  This section could go 
after 2.1.1, and incorporate some existing text from the Privacy section.  
Suggested text follows.

Identities

EAP-TLS peer and server implementations supporting TLS 1.3 or higher
MUST support anonymous NAIs (Network Access Identifiers) (Section 2.4
in [RFC7542]) and a client supporting TLS 1.3 MUST NOT send its
username in cleartext in the Identity Response.  It is RECOMMENDED to
use anonymous NAIs, but other solutions where the username is
encrypted MAY be used.

This recommendation applies to all uses of EAP-TLS, no matter the underlying 
TLS authentication mechanism.  This recommendation also applies when resumption 
is used.

The anonymous NAI can often be derived automatically.  When certificates are 
used, the certificate common name is often in the form of an email address.  
The anonymous NAI can be derived from that address by using only the "@realm" 
portion.  This derivation has privacy implications, as discussed in the Privacy 
section, below.

In some cases, the anonymous NAI cannot be derived from the underlying TLS 
authentication mechanism.  For example, when PSKs are used, the PSK identity 
may be an opaque binary string.  Binary data is not compatible with the EAP 
Response / Identity field, as Section 5.1 of 3748 requires that the Identity 
field be composed solely of UTF-8 encoded ISO 10646 characters.  Instead, the 
Identity may be statically pre-provisioned.  Or for resumption, the Identity 
used for resumption SHOULD be the same as the Identity used for the original 
authentication.
___
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu


[Emu] I-D Action: draft-ietf-emu-eap-session-id-01.txt

2019-11-04 Thread internet-drafts


A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the EAP Method Update WG of the IETF.

Title   : EAP Session-Id Derivation for EAP-SIM, EAP-AKA, and 
PEAP
Author  : Alan DeKok
Filename: draft-ietf-emu-eap-session-id-01.txt
Pages   : 9
Date: 2019-11-04

Abstract:
   EAP Session-Id derivation has not been defined for EAP-SIM or EAP-AKA
   when using the fast re-authentication exchange instead of full
   authentication.  This document updates RFC 5247 to define those
   derivations for EAP-SIM and EAP-AKA.  Since RFC5448bis defines the
   Session-ID for EAP-AKA', the definition for EAP-AKA' is not included
   here.  RFC 5247 also does not define Session-Id derivation for PEAP.
   A definition is given here which follows the definition for other
   TLS-based EAP methods.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-emu-eap-session-id/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-emu-eap-session-id-01
https://datatracker.ietf.org/doc/html/draft-ietf-emu-eap-session-id-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-eap-session-id-01


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

___
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu