Slide 1: Diameter EAP Application (draft-ietf-aaa-eap-02.txt)
Jari.Arkko@ericsson.com on behalf of Pasi.Eronen@nokia.com
July 16, 2003
Slide 2: Outline of the Presentation
Part 1: Introduction
Part 2: Redirects
Part 3: Protocol details
Part 4: Security considerations
Part 5: Next Steps
Slide 3: Part 1: Introduction
Slide 4: Introduction
"2869bis plus key AVPs for Diameter"
Scope
– One EAP conversation, no role reversal
– One NAS, no handoffs or key distribution to multiple NASes
– No new NAS-to-home-server security mechanisms, but works end-to-end between the NAS and the home server
Slide 5: Basic sequence (initiate EAP)
Parties: Client, NAS, Server
1. NAS -> Server: Diameter-EAP-Request, EAP-Payload(EAP start)
2. Server -> NAS: Diameter-EAP-Answer, Result-Code=MULTI_ROUND_AUTH, EAP-Payload(Request(…))
3. NAS -> Client: EAPOL(Request(…))
4. Client -> NAS: EAPOL(Response(…))
5. NAS -> Server: Diameter-EAP-Request, EAP-Payload(Response(…))
6. Server -> NAS: Diameter-EAP-Answer, Result-Code=SUCCESS, EAP-Master-Session-Key, EAP-Payload(Success)
7. NAS -> Client: EAPOL(Success)
8. Client <-> NAS: (4-way handshake)
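The request/answer loop on this slide, as an added example (not code from the draft or the presenters): the NAS starts EAP, relays EAPOL Requests and Responses while the server answers DIAMETER_MULTI_ROUND_AUTH, and only receives EAP-Master-Session-Key in the final DIAMETER_SUCCESS answer. The EAP method inside is a constructed HMAC challenge-response standing in for a real method, messages are plain dicts keyed by the slide's AVP names, and the Result-Code numbers are the RFC 3588 values.

```python
import hashlib
import hmac
import os

# Result-Code values from RFC 3588.
DIAMETER_MULTI_ROUND_AUTH = 1001
DIAMETER_SUCCESS = 2001
DIAMETER_AUTHENTICATION_REJECTED = 4001
DIAMETER_UNABLE_TO_COMPLY = 5012

DEMO_SECRET = b"constructed-demo-secret"  # constructed peer/server credential


def eap_response(secret, challenge):
    """Constructed EAP method: the peer proves knowledge of the secret with an HMAC."""
    return b"Response:" + hmac.new(secret, challenge, hashlib.sha256).digest()


class HomeServer:
    """Home Diameter server. It is the only party keeping per-session EAP state."""

    def __init__(self, secret=DEMO_SECRET):
        self.secret = secret
        self.pending = {}  # Session-Id -> outstanding challenge

    def handle(self, request):
        """Process one Diameter-EAP-Request and return the Diameter-EAP-Answer AVPs."""
        sid = request["Session-Id"]
        payload = request["EAP-Payload"]
        if payload == b"EAP start":
            challenge = os.urandom(16)
            self.pending[sid] = challenge
            # Multi-round answer: carries the next EAP Request, never the MSK.
            return {"Result-Code": DIAMETER_MULTI_ROUND_AUTH,
                    "EAP-Payload": b"Request:" + challenge}
        challenge = self.pending.pop(sid, None)
        if challenge is None:
            return {"Result-Code": DIAMETER_UNABLE_TO_COMPLY}
        if hmac.compare_digest(payload, eap_response(self.secret, challenge)):
            msk = hashlib.sha512(self.secret + challenge).digest()  # constructed 64-octet MSK
            return {"Result-Code": DIAMETER_SUCCESS,
                    "EAP-Payload": b"Success",
                    "EAP-Master-Session-Key": msk}
        return {"Result-Code": DIAMETER_AUTHENTICATION_REJECTED, "EAP-Payload": b"Failure"}


class Peer:
    """EAP peer behind the NAS (the Client on the slide)."""

    def __init__(self, secret=DEMO_SECRET):
        self.secret = secret

    def eapol(self, eap_request):
        """EAPOL(Request) in, EAPOL(Response) out."""
        return eap_response(self.secret, eap_request[len(b"Request:"):])


def run_nas(server, peer, session_id="nas.example;1"):
    """NAS side: relay EAP between EAPOL and Diameter without method state.
    Returns (final Result-Code, MSK or None, number of multi-round answers)."""
    answer = server.handle({"Session-Id": session_id, "EAP-Payload": b"EAP start"})
    rounds = 0
    while answer["Result-Code"] == DIAMETER_MULTI_ROUND_AUTH:
        assert "EAP-Master-Session-Key" not in answer  # key only arrives with SUCCESS
        rounds += 1
        response = peer.eapol(answer["EAP-Payload"])  # EAPOL(Request) -> EAPOL(Response)
        answer = server.handle({"Session-Id": session_id, "EAP-Payload": response})
    return answer["Result-Code"], answer.get("EAP-Master-Session-Key"), rounds


if __name__ == "__main__":
    print(run_nas(HomeServer(), Peer())[0])  # 2001 with the matching secret
```

The 4-way handshake that follows EAPOL(Success) on the slide is out of scope here; it would consume the returned MSK on the NAS and Client.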
Slide 6: Changes in -02
Redirects / NASREQ interaction
Added various protocol details
RADIUS translation
– RFC 2548 translation desirable, too
Security considerations
Slide 7: Part 2: Redirects
Slide 8: Redirects and NASREQ interaction
Without CMS, proxy agents can see the EAP MSK
Solution in -02 for avoiding proxies:
– The NAS contacts the home server directly; redirects are used if there would otherwise be a proxy
– An optional separate request to retrieve authorization AVPs through the proxy chain
Slide 9: Finding server with redirects
Parties: NAS, Proxy, Server
1. NAS -> Proxy: Diameter-EAP-Request, EAP-Payload(EAP start)
2. Proxy -> NAS: Diameter-EAP-Answer, Redirect-Host=…, Redirect-Host-Usage=REALM_AND_APPLICATION
3. NAS -> Server: Diameter-EAP-Request, EAP-Payload(EAP start)
Slide 10: Separate Authorization AVP Retrieval
Parties: NAS, Proxy, Server
1. NAS -> Server: Diameter-EAP-Request, Auth-Request-Type=AUTHORIZE_AUTHENTICATE
2. Server -> NAS: Diameter-EAP-Answer, Result-Code=DIAMETER_LIMITED_SUCCESS, EAP-Master-Session-Key, (some authorization AVPs)
3. NAS -> Server via Proxy: NASREQ AA-Request, Auth-Request-Type=AUTHORIZE_ONLY, (some AVPs from previous message)
Slide 11: Separate Authorization AVP Retrieval
Parties: NAS, Proxy, Server
1. NAS -> Server: Diameter-EAP-Request, Auth-Request-Type=AUTHENTICATE_ONLY
2. Server -> NAS: Diameter-EAP-Answer, Result-Code=DIAMETER_SUCCESS, EAP-Master-Session-Key, (possibly some authorization AVPs)
3. NAS -> Server via Proxy: NASREQ AA-Request, Auth-Request-Type=AUTHORIZE_ONLY, (some AVPs from previous message)
Slide 12: Issues in Redirects
The authorization AVP retrieval uses NASREQ, since the Diameter realm routing table isn't command-specific
Who decides whether the separate proxy pass is needed?
What exactly does a redirect + elimination of proxies buy us?
Slide 13: Proxy Elimination
+ Key is not shown to other parties
+ Lengthy EAP runs become faster
+ We authenticate the node on the other side
- But untrusted proxies can still misbehave!
– Proxy might not send a Redirect
– Proxy might send the wrong server's address
=> We need additional authorization
– Configuration
– Attributes in server certs?
– NAI realm vs. FQDN in server check
Slide 14: Diameter authorization
TLS authenticates Diameter nodes, but…
When the NAS talks to foo.example.com, is this actually the server for realm example.com?
– Local configuration
– Trust redirect agent
– Trust DNS
– Separate CA for servers
– Certificate name matching (+ possibly separate CA)
– Certificate extensions
When the server gets a connection from bar.example.com, is this a valid access point?
– Separate CA for access points
– Certificate extensions
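The "NAI realm vs. FQDN in server check" option from the previous two slides, as an added example (not the draft's mechanism, which the slides leave open): after TLS has authenticated the redirect target, the NAS compares the certificate's host name against the realm of the user's NAI label by label. The function names and the NAI/host values are constructed for the illustration; the naive suffix test is included only to show what it wrongly accepts.

```python
def nai_realm(nai):
    """Realm part of an NAI such as user@example.com; None if there is no realm."""
    if "@" not in nai:
        return None
    realm = nai.rsplit("@", 1)[1].strip().rstrip(".").lower()
    return realm or None


def host_in_realm(host, realm):
    """True if host equals the realm or is a subdomain of it, compared as DNS labels.
    A plain string suffix test would accept 'example.com.evil.net' (suffix of the
    last label only) or 'notexample.com'; label comparison rejects both."""
    h = host.strip().rstrip(".").lower().split(".")
    r = realm.strip().rstrip(".").lower().split(".")
    if not realm or any(not label for label in h + r):
        return False  # empty label: malformed name, never a match
    return len(h) >= len(r) and h[-len(r):] == r


def suffix_check_naive(host, realm):
    """The check to avoid: accepts any host name ending in the realm string."""
    return host.lower().endswith(realm.lower())


def authorize_redirect_target(nai, cert_hostname):
    """NAS decision after a Redirect-Host answer: is the TLS-authenticated host
    plausibly a server for the user's realm? Unknown realm -> refuse."""
    realm = nai_realm(nai)
    return realm is not None and host_in_realm(cert_hostname, realm)


if __name__ == "__main__":
    for host in ("foo.example.com", "example.com", "example.com.evil.net", "notexample.com"):
        print(host, authorize_redirect_target("alice@example.com", host),
              "naive:", suffix_check_naive(host, "example.com"))
```

Even a correct name match only shows that the host sits under the realm's domain, not that it is the realm's authorized AAA server; that is why the slide lists a separate CA or certificate extensions as the further options.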
Slide 15: Part 3: Protocol Details
Slide 16: Protocol details
Invalid packets
Fragmentation
EAP retransmission
Accounting-EAP-Auth-Method
EAP-Master-Session-Key
Slide 17: Protocol details: Invalid packets
In RADIUS, this message contains a copy of the previous EAP Request, but we don't want to keep inter-request state
Some alternatives
– EAP-Reissued-Payload AVP (instead of EAP-Payload), and normal DIAMETER_MULTI_ROUND_AUTH Result-Code
– New DIAMETER_EAP_INVALID_PACKET Result-Code, and normal EAP-Payload AVP
– But BASE and NASREQ contain multiple statements like "if Result-Code is DIAMETER_MULTI_ROUND_AUTH, then…"
Slide 18: Protocol details: Fragmentation
New AVP: EAP-MTU
– Link MTU != max. size of EAP packet
– E.g., IKEv2 can carry large EAP packets, but the MTU of the IPsec tunnel set up by IKEv2 is something different
RADIUS translation waiting for clarification of 2869bis and/or draft-congdon-radius-8021x
Slide 19: Protocol details: Accounting-EAP-Auth-Method
How does the NAS determine the method?
– Not specified for MS-Acct-EAP-Type
– Proposed solution: the server returns it in a successful Diameter-EAP-Answer
RFC 2548 also has MS-Acct-Auth-Type
– PAP/CHAP/EAP/MS-CHAP-2/etc.
– Should we add Accounting-Auth-Method to NASREQ or here?
Slide 20: Protocol details: EAP-Master-Session-Key
Simple AVP (OctetString)
Can be translated to MS-MPPE-*
But the EAP WG is discussing key naming! We may need more AVPs
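What "simple AVP (OctetString)" means on the wire, as an added example (not code from the draft): an RFC 3588 AVP encoder/decoder carrying the MSK as opaque octets, with the 4-octet padding and a truncation check that a receiver needs before trusting the Length field. The AVP code 464 is the value later assigned to EAP-Master-Session-Key in RFC 4072 and is used here as a placeholder for whatever draft -02 specifies; the RADIUS-side MS-MPPE-* wrapping is not shown.

```python
import struct

AVP_FLAG_VENDOR = 0x80      # RFC 3588 'V' bit
AVP_FLAG_MANDATORY = 0x40   # RFC 3588 'M' bit
# Placeholder: 464 is the code RFC 4072 later assigned to EAP-Master-Session-Key.
EAP_MASTER_SESSION_KEY = 464


def encode_avp(code, data, flags=AVP_FLAG_MANDATORY, vendor_id=None):
    """Encode one RFC 3588 AVP: Code(32) Flags(8) Length(24) [Vendor-ID(32)] Data,
    with Data padded to a 4-octet boundary. Length counts header + data, not padding."""
    if vendor_id is not None:
        flags |= AVP_FLAG_VENDOR
    header_len = 12 if vendor_id is not None else 8
    length = header_len + len(data)
    if length >= 1 << 24:
        raise ValueError("AVP too large for a 24-bit Length")
    out = struct.pack(">IB", code, flags) + length.to_bytes(3, "big")
    if vendor_id is not None:
        out += struct.pack(">I", vendor_id)
    return out + data + b"\x00" * (-len(data) % 4)


def decode_avp(buf):
    """Parse the first AVP in buf; return ((code, flags, vendor_id, data), rest).
    Refuses truncated or malformed AVPs instead of reading short."""
    if len(buf) < 8:
        raise ValueError("short AVP header")
    code, flags = struct.unpack(">IB", buf[:5])
    length = int.from_bytes(buf[5:8], "big")
    off, vendor_id = 8, None
    if flags & AVP_FLAG_VENDOR:
        if len(buf) < 12:
            raise ValueError("short vendor AVP header")
        vendor_id = struct.unpack(">I", buf[8:12])[0]
        off = 12
    padded = length + (-length % 4)
    if length < off or padded > len(buf):
        raise ValueError("truncated AVP")
    return (code, flags, vendor_id, buf[off:length]), buf[padded:]


def encode_msk_avp(msk):
    """EAP-Master-Session-Key as a plain OctetString AVP, as the slide describes."""
    return encode_avp(EAP_MASTER_SESSION_KEY, msk)


def decode_msk(buf):
    """Return (msk, remaining bytes) or raise if the first AVP is not the MSK AVP."""
    (code, flags, vendor_id, data), rest = decode_avp(buf)
    if code != EAP_MASTER_SESSION_KEY or vendor_id is not None:
        raise ValueError("not an EAP-Master-Session-Key AVP")
    return data, rest


def rejects(buf):
    """True if decode_avp refuses buf (exercises the truncation check)."""
    try:
        decode_avp(buf)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    avp = encode_msk_avp(bytes(range(64)))  # constructed 64-octet key
    print(len(avp), avp[:8].hex())
```

Because the AVP carries the key in the clear, its confidentiality rests entirely on the hop-by-hop TLS/IPsec between NAS and server (or on CMS), which is the reason the redirect slides work so hard to keep proxies out of the path.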
Slide 21: Part 4: Security Considerations
Slide 22: Security considerations: System perspective
No document contains security considerations for the whole system?
– Gets even more complex if we have handoffs or key distribution to multiple NASes
– (May require changes not just to all three components, but to the interfaces between them)
(Figure: the three components, Diameter, EAP and 802.11)
Slide 23: Part 5: Next Steps
Slide 24: Next steps
Very much dependent on the EAP keying framework security discussion & Russ' requirements from IETF-56
– Finish that discussion first
Identify other issues that still need work
– Comments really welcome!
Finish document
– Keep current scope