57th IETF WIEN, Austria, July 13-18, 2003 - PowerPoint PPT Presentation


1
57th IETF WIEN, Austria, July 13-18, 2003
EAP Secured Smartcard Channel
Draft-urien-EAP-SSC-00.txt
  • Pascal Urien, Mesmin DANDJINOU
  • ENST
  • Pascal.Urien_at_enst.fr

2
EAP-SSC at a glance
  • Use of a single EAP type.
  • Introduction of multiple sub-types.
  • Symmetric or Asymmetric Key Exchange Procedures.
  • Two working phases
    • Session Key (SK) Exchange & Validation
      • Shared Secret.
      • Common Certification Authority.
    • Secure Messaging.
  • Simple, but robust, security mechanisms, based on
    • SHA-1 digest
    • 3DES, AES
  • Secure messaging could be used to exchange messages with embedded repositories in smartcards.

3
EAP-SSC Overview
[Figure: EAP Secured Smartcard Channel. Entities: Smartcard, Embedded Repository, Supplicant, Authenticator, RADIUS server. Link labels: EAP, EAP / 7816, EAP / LAN, EAP / RADIUS, ISO 7816, 802.1x, RADIUS, SSC messages.]
4
EAP-SSC PDUs
5
Key Production Symmetric Case
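Legend:
  • r1: 1st random number
  • r2: 2nd random number
  • D: SHA-1
  • s: shared secret
  • SK: Session Key
Exchange, in diagram order:
  • Sub-Type 1, Start, r1 (20 bytes)
  • r2 (20 bytes) XOR D(r1, s)
  • SK = D(r1, r2, s) (appears twice in the diagram)
  • M1, D1(M1, SK)
  • D1 = D(M1, SK) (appears twice in the diagram)
  • M2, D2(M2, D1, SK)
  • Mi, Di
  • Mi+1, Di+1
  • Di = D(Mi, Di-1, SK) (appears twice in the diagram)
  • End, Mj, Dj
  • EAP-Success
Phases labelled in the diagram: SK Production & Validation, Secure Messaging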
6
Key Production Asymmetric Case
Legend:
  • C1, C2: Optional Sequence of X.509 Certificates
  • r1, r2: Integer
  • r1: 1st random number
  • r2: 2nd random number
  • D: SHA-1
  • SK: Session Key
Exchange, in diagram order:
  • Sub-Type 2, Start, SeqC1, Int r1
  • SeqC2, Intr2K1public, IntD0K2private
  • SK = D(r1, r2) (appears twice in the diagram)
  • M1, D1(M1, SK)
  • D1 = D(M1, SK) (appears twice in the diagram)
  • M2, D2(M2, D1, SK)
  • Mi, Di
  • Mi+1, Di+1
  • Di = D(Mi, Di-1, SK) (appears twice in the diagram)
  • End, Mj, Dj
  • EAP-Success
Phases labelled in the diagram: SK Production & Validation, Secure Messaging
7
Secure Messaging
  • All messages Mi are ended by a digest value Di.
  • SK(r1, r2, s)
  • D1 = D(M1, SK)
  • i>2, Di = D(Mi, Di-1, SK)
  • Message format is not yet defined.

[Figure: SK derived from r1, r2, s; message/digest pairs M1,D1; M2,D2; M3,D3; Mi,Di]
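
The symmetric key production (slide 5) and the digest chaining (slide 7), as an added Python example that is not part of the presentation or the draft. It assumes the arguments of D are concatenated in the order listed (the slides do not show the separator); the function names and sample values are constructed for illustration.

```python
import hashlib
import hmac

def D(*parts: bytes) -> bytes:
    # D = SHA-1 per the slides. Assumption: arguments are concatenated in order.
    return hashlib.sha1(b"".join(parts)).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def mask_r2(r1: bytes, r2: bytes, s: bytes) -> bytes:
    # Reply to Start: r2 (20 bytes) XOR D(r1, s), so r2 is not sent in clear.
    return xor(r2, D(r1, s))

def unmask_r2(r1: bytes, masked: bytes, s: bytes) -> bytes:
    return xor(masked, D(r1, s))

def session_key(r1: bytes, r2: bytes, s: bytes) -> bytes:
    return D(r1, r2, s)  # SK = D(r1, r2, s)

def seal(messages, sk):
    # D1 = D(M1, SK); Di = D(Mi, Di-1, SK). An empty Di-1 yields D1 for M1.
    pairs, prev = [], b""
    for m in messages:
        prev = D(m, prev, sk)
        pairs.append((m, prev))
    return pairs

def verify(pairs, sk) -> int:
    # Index of the first pair whose digest does not match, or -1 if all match.
    prev = b""
    for i, (m, d) in enumerate(pairs):
        expected = D(m, prev, sk)
        if not hmac.compare_digest(expected, d):
            return i
        prev = expected
    return -1

if __name__ == "__main__":
    # Constructed sample values, not taken from the draft.
    s, r1, r2 = b"constructed-shared-secret", bytes(range(20)), bytes(range(20, 40))
    sk_a = session_key(r1, r2, s)                        # side that generated r2
    sk_b = session_key(r1, unmask_r2(r1, mask_r2(r1, r2, s), s), s)  # other side
    pairs = seal([b"M1", b"M2", b"M3"], sk_a)
    print("same SK:", sk_a == sk_b)
    print("intact chain:", verify(pairs, sk_b))
    print("M2 dropped:", verify([pairs[0], pairs[2]], sk_b))
    print("wrong secret:", verify(pairs, session_key(r1, r2, b"other")))
```

Because each Di covers Di-1, a dropped or reordered message fails verification at the position where the chain breaks, not only a modified one.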
8
Future Work
  • Random number format rules, for the asymmetric case.
  • Messages Ciphering
    • 3DES
    • AES
  • Messages Format

9
Questions ?