- PowerPoint PPT Presentation

1 / 3
About This Presentation
Title:

Description:

Authentication with shared key, based on the TLS standard resume mode. Session-id: client login ... 3 Pascal URIEN, IETF 63th Paris, France, 2nd August 2005 ... – PowerPoint PPT presentation

Number of Views:12
Avg rating:3.0/5.0
Slides: 4
Provided by: packa83
Category:
Tags: paris | sharing

less

Transcript and Presenter's Notes

Title:


1
draft-badra-eap-double-tls-03.txt
  • Pascal.Urien_at_enst.fr

2
Goals
  • Authentication with shared key, based on the TLS
    standard resume mode
  • Session-id client login
  • Master-secret client shared secret
  • EAP-ID session-id or session-id_at_server.com
  • An EAP-TLS smartcard may store the tuple
    (session-id, master-secret)
  • Main idea Ensuring users anonymity
  • A second TLS handshake may be used to modify
  • The session-id
  • The master-secret
  • An inner-TLS AVP mechanism may be used to
    transport an other protocol (EAP,) that could
    modify
  • The session-id
  • The master-secret

pre_master_secret
server_random
client_random
master_secret
PRF
PRF
key_block
MSK,EMSK
3
Expert review summary (hannes.tschofenig)
  • 1a. Mechanism. Is the mechanism explained?
  • ht the mechanism used eap-tls,
    draft-ietf-tls-sharedkeys and some additional
    "inner" mechanisms similar to peap or ttls (but
    seems to go beyond them). gt the security
    properties of the "inner" mechanisms are not well
    described (e.g., the usage of draft-urien-eap-sma
    rtcard or other authentication mechanisms such as
    kerberos).
  • pu More details are needed
  • 1b. Security claims. Are the claimed and not
    claimed properties listed?
  • ht The draft name says "double-tls" but one
    option is the protocol is it to use it without
    the "double" part) as a consequence the security
    properties are entirely different
  • pu Draft should focus on double-TLS only ?
  • 1e. Description of key hierarchy. Is the key
    hierarchy documented? no
  • ht section 3.4 mentions the key derivation.
    however, more information is required to see how
    the crypto-binding works, how the MSK is derived.
    The current text seems to focus on the tls key
    derivation.
  • pu To be improved
  • 4a. Does the method comply with EAP-based IANA
    requirements defined in Section 6 of RFC 3748?
  • ht a request to iana to allocate a new eap type
    is indicated. inner methods might also require
    the creation of a registry or is the eap-ttls
    namespace inherited?
  • pu Yes for eap-ttls avp, but not for inner
    methods (The draft does not use new EAP methods
    during its second phase). The draft does not
    define new extension type. It is based on TLS
    resumed Handshake.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!