Internet-Draft draft-ietf-emu-aka-pfs-12.txt is now available. It is a work item of the EAP Method Update (EMU) WG of the IETF.
Title: Forward Secrecy for the Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' FS) Authors: Jari Arkko Karl Norrman John Preuß Mattsson Name: draft-ietf-emu-aka-pfs-12.txt Pages: 34 Dates: 2024-02-19 Abstract: This document updates RFC 9048, the improved Extensible Authentication Protocol Method for 3GPP Mobile Network Authentication and Key Agreement (EAP-AKA'), with an optional extension providing ephemeral key exchange. Similarly, this document also updates the earlier version of the EAP-AKA' specification in RFC 5448. The extension EAP-AKA' Forward Secrecy (EAP-AKA' FS), when negotiated, provides forward secrecy for the session keys generated as a part of the authentication run in EAP-AKA'. This prevents an attacker who has gained access to the long-term key from obtaining session keys established in the past, assuming these have been properly deleted. In addition, EAP-AKA' FS mitigates passive attacks (e.g., large scale pervasive monitoring) against future sessions. This forces attackers to use active attacks instead. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-emu-aka-pfs/ There is also an HTMLized version available at: https://datatracker.ietf.org/doc/html/draft-ietf-emu-aka-pfs-12 A diff from the previous version is available at: https://author-tools.ietf.org/iddiff?url2=draft-ietf-emu-aka-pfs-12 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu