Presentation is loading. Please wait.

Presentation is loading. Please wait.

Extending EAP Keying Vidya Narayanan (vidyan@qualcomm.com) Lakshminath Dondeti (ldondeti@qualcomm.com)

Published byMarianna Allison Modified over 6 years ago

Similar presentations

Presentation on theme: "Extending EAP Keying Vidya Narayanan (vidyan@qualcomm.com) Lakshminath Dondeti (ldondeti@qualcomm.com)"— Presentation transcript:

1 Extending EAP Keying Vidya Narayanan Lakshminath Dondeti

2 Preface Philosophical question – is this even needed?
Why this presentation? Concerns over some of the proposed key hierarchies associated with previous versions of the charter Felt a need to summarize previous work and rules/guidelines to follow and present the bigger picture Needless to say, these are our individual opinions!!

3 Motivation for our work
Possible areas of investigation for EAP keying usage Handoffs Pre-authentication Localized re-authentication Pro-active keying Bootstrapping legacy PSK-based applications Extensibility for future uses

4 Problem Statement Allowable uses for EAP keying material
Can’t anticipate all use cases Prevent one application of EAP keying from imposing constraints on others Avoid key re-use Consistent key naming Simple framework that allows independent key derivation Key compromise in one application must not impact other applications

5 Areas of Work Coordinated derivation of keys from EMSK Key hierarchy
Key naming Key derivation Key distribution Key scoping Key lifetimes and expiration Applications of derived keys

6 EAP Keying Hierarchy Long Term Credential MSK EMSK TSK AMSK1 AMSKn

7 Next Steps EAP Keying Gap Analysis EMSK Usage Guidelines
MSK usage clearly defined EMSK usage not defined EMSK Usage Guidelines Key hierarchy Key naming Key derivation AMSK Usage Guidelines Key distribution Key scoping Key lifetimes and expiration

Download ppt "Extending EAP Keying Vidya Narayanan (vidyan@qualcomm.com) Lakshminath Dondeti (ldondeti@qualcomm.com)"

Similar presentations

Doc.: IEEE 802.11-04/1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,

Doc.: IEEE /1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,
EAP Scenarios and 802.1af Joseph Salowey 1/12/2006.

EAP Scenarios and 802.1af Joseph Salowey 1/12/2006.
7/13/061 The Problem of Handover Keying IETF 66 Montreal.

7/13/061 The Problem of Handover Keying IETF 66 Montreal.
July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16, 2003 1300 - 1500.

July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16,
1 May 14, 2007 Zhibi Wang, Simon Mizikovsky – Alcatel-Lucent Vidya Narayanan, Anand Palanigounder – QUALCOMM ABSTRACT: Access authentication architecture.

1 May 14, 2007 Zhibi Wang, Simon Mizikovsky – Alcatel-Lucent Vidya Narayanan, Anand Palanigounder – QUALCOMM ABSTRACT: Access authentication architecture.
EAP WG EAP Key Management Framework Draft-ietf-eap-keying-03.txt Bernard Aboba Microsoft.

EAP WG EAP Key Management Framework Draft-ietf-eap-keying-03.txt Bernard Aboba Microsoft.
21-06-0727-01-0000 IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN:21-06-0727-01-0000 Title: Proposal for IEEE 802.21 Study Group on Security Signaling Optimization.

IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: Proposal for IEEE Study Group on Security Signaling Optimization.
2015-10-17Hokey IETF 81 Quebec1 EAP Extensions for EAP Re- authentication Protocol draft-ietf-hokey-rfc5296bis-04 Qin Wu Zhen Cao Yang Shi Baohong He.

Hokey IETF 81 Quebec1 EAP Extensions for EAP Re- authentication Protocol draft-ietf-hokey-rfc5296bis-04 Qin Wu Zhen Cao Yang Shi Baohong He.
EAP-PSK v8 IETF 63 – Paris, France August 2005. EAP-PSK: an independent submission to IESG Requested EAP method type number allocation Reviewed June 2005.

EAP-PSK v8 IETF 63 – Paris, France August EAP-PSK: an independent submission to IESG Requested EAP method type number allocation Reviewed June 2005.
August 2, 2005draft-vidya-mipshop-fast-handover-aaa-00 Handover Keys using AAA (draft-vidya-mipshop-fast-handover-aaa-00.txt) Vidya Narayanan Narayanan.

August 2, 2005draft-vidya-mipshop-fast-handover-aaa-00 Handover Keys using AAA (draft-vidya-mipshop-fast-handover-aaa-00.txt) Vidya Narayanan Narayanan.
EAP Keying Framework Draft-aboba-pppext-key-problem-06.txt EAP WG IETF 56 San Francisco, CA Bernard Aboba.

EAP Keying Framework Draft-aboba-pppext-key-problem-06.txt EAP WG IETF 56 San Francisco, CA Bernard Aboba.
7/13/061 Handover Keying Reqs IETF 66 Montreal. 7/13/062 Problem scope requirements (1) MUST Support multiple access technologies MUST not require full.

7/13/061 Handover Keying Reqs IETF 66 Montreal. 7/13/062 Problem scope requirements (1) MUST Support multiple access technologies MUST not require full.
ERP/AAK support for Inter-AAA realm handover discussion Hao Wang, Tina Tsou, Richard.

ERP/AAK support for Inter-AAA realm handover discussion Hao Wang, Tina Tsou, Richard.
Doc.:11-06-0372-01-000r Submission March 2006 AllSlide 1 A method to refresh the keys hierarchy periodically Notice: This document has been prepared to.

Doc.: r Submission March 2006 AllSlide 1 A method to refresh the keys hierarchy periodically Notice: This document has been prepared to.
RFC 2716bis Wednesday, July 12, 2006 Draft-simon-emu-rfc2716bis-02.txt Dan Simon Bernard Aboba IETF 66, Montreal, Canada.

RFC 2716bis Wednesday, July 12, 2006 Draft-simon-emu-rfc2716bis-02.txt Dan Simon Bernard Aboba IETF 66, Montreal, Canada.
May 14, 2007 Simon Mizikovsky, Zhibi Wang, Alcatel-Lucent ABSTRACT: A security architecture for the UMB RAN-AGW is provided. Multiple PMIP tunnels from.

May 14, 2007 Simon Mizikovsky, Zhibi Wang, Alcatel-Lucent ABSTRACT: A security architecture for the UMB RAN-AGW is provided. Multiple PMIP tunnels from.
EAP WG EAP Key Management Framework Draft-ietf-eap-keying-05.txt Bernard Aboba Microsoft IETF 62, Minneapolis, MN.

EAP WG EAP Key Management Framework Draft-ietf-eap-keying-05.txt Bernard Aboba Microsoft IETF 62, Minneapolis, MN.
CK1114AW The Strategic Outcomes & Local Delivery Plan Developing our Strategic Priorities - Introduction Fiona Campbell, Head of Policy, Technology & Improvement.

CK1114AW The Strategic Outcomes & Local Delivery Plan Developing our Strategic Priorities - Introduction Fiona Campbell, Head of Policy, Technology & Improvement.
Pre-authentication Problem Statement (draft-ohba-hokeyp-preauth-ps-00

Pre-authentication Problem Statement (draft-ohba-hokeyp-preauth-ps-00
RADEXT WG RADIUS Attributes for WLAN Draft-aboba-radext-wlan-00.txt

RADEXT WG RADIUS Attributes for WLAN Draft-aboba-radext-wlan-00.txt

Similar presentations

Ads by Google