Perfect-Forward Secrecy for the Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' PFS)
2019
Many different attacks have been reported as part of revelations
associated with pervasive surveillance. Some of the reported attacks
involved compromising smart cards, such as attacking SIM card
manufacturers and operators in an effort to compromise shared secrets
stored on these cards. Since the publication of those reports,
manufacturing and provisioning processes have gained much scrutiny and
have improved. However, the danger of resourceful attackers for these
systems is still a concern. This specification is an optional
extension to the EAP-AKA' authentication method which was defined
in RFC 5448 (to be superseded by draft-ietf-emu-rfc5448bis). The
extension, when negotiated, provides Perfect Forward Secrecy for the
session key generated as a part of the authentication run in EAP-
AKA'. This prevents an attacker who has gained access to the long-
term pre-shared secret in a SIM card from being able to decrypt all
past communications. In addition, if the attacker stays merely a
passive eavesdropper, the extension prevents attacks against future
sessions. This forces attackers to use active attacks instead.
Keywords:
- Correction
- Source
- Cite
- Save
- Machine Reading By IdeaReader
0
References
1
Citations
NaN
KQI