A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the EAP Method Update WG of the IETF.
Title : Forward Secrecy for the Extensible Authentication
Protocol Method for Authentication and Key Agreement (EAP-AKA' FS)
Authors : Jari Arkko
Karl Norrman
Vesa Torvinen
Filename : draft-ietf-emu-aka-pfs-06.txt
Pages : 26
Date : 2022-03-07
Abstract:
Many different attacks have been reported as part of revelations
associated with pervasive surveillance. Some of the reported attacks
involved compromising smart cards, such as attacking SIM card
manufacturers and operators in an effort to compromise shared secrets
stored on these cards. Since the publication of those reports,
manufacturing and provisioning processes have gained much scrutiny
and have improved. However, the danger of resourceful attackers for
these systems is still a concern.
This specification is an optional extension to the EAP-AKA'
authentication method which was defined in [RFC9048]. The extension,
when negotiated, provides Forward Secrecy for the session key
generated as a part of the authentication run in EAP-AKA'. This
prevents an attacker who has gained access to the long-term pre-
shared secret in a SIM card from being able to decrypt any past
communications. In addition, if the attacker stays merely a passive
eavesdropper, the extension prevents attacks against future sessions.
This forces attackers to use active attacks instead.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-emu-aka-pfs/
There is also an htmlized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-emu-aka-pfs-06
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-aka-pfs-06
Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu
