[New-wg-docs] I-D Action: draft-ietf-emu-aka-pfs-00.txt

internet-drafts@ietf.org Thu, 25 July 2019 13:35 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: new-wg-docs@ietf.org
Delivered-To: new-wg-docs@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 9DEB3120130 for <new-wg-docs@ietf.org>; Thu, 25 Jul 2019 06:35:34 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: <new-wg-docs@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.99.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <156406173457.12589.3461780741001642457@ietfa.amsl.com>
Date: Thu, 25 Jul 2019 06:35:34 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/new-wg-docs/gaCMeCuCEX7FiOmXvMJyYchLaaw>
Subject: [New-wg-docs] I-D Action: draft-ietf-emu-aka-pfs-00.txt
X-BeenThere: new-wg-docs@ietf.org
X-Mailman-Version: 2.1.29
List-Id: <new-wg-docs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/new-wg-docs>, <mailto:new-wg-docs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/new-wg-docs/>
List-Post: <mailto:new-wg-docs@ietf.org>
List-Help: <mailto:new-wg-docs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/new-wg-docs>, <mailto:new-wg-docs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Jul 2019 13:35:35 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the EAP Method Update WG of the IETF.

        Title           : Perfect-Forward Secrecy for the Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' PFS)
        Authors         : Jari Arkko
                          Karl Norrman
                          Vesa Torvinen
	Filename        : draft-ietf-emu-aka-pfs-00.txt
	Pages           : 25
	Date            : 2019-07-25

   Many different attacks have been reported as part of revelations
   associated with pervasive surveillance.  Some of the reported attacks
   involved compromising smart cards, such as attacking SIM card
   manufacturers and operators in an effort to compromise shared secrets
   stored on these cards.  Since the publication of those reports,
   manufacturing and provisioning processes have gained much scrutiny
   and have improved.  However, the danger of resourceful attackers for
   these systems is still a concern.

   This specification is an optional extension to the EAP-AKA'
   authentication method which was defined in RFC 5448 (to be superseded
   by draft-ietf-emu-rfc5448bis).  The extension, when negotiated,
   provides Perfect Forward Secrecy for the session key generated as a
   part of the authentication run in EAP-AKA'.  This prevents an
   attacker who has gained access to the long-term pre-shared secret in
   a SIM card from being able to decrypt all past communications.  In
   addition, if the attacker stays merely a passive eavesdropper, the
   extension prevents attacks against future sessions.  This forces
   attackers to use active attacks instead.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at: