[Mobopts] RE: [Mipshop] RE: Review of draft-vidya-mipshop-handover-keys-aaa -00.txt
> >
>
> Suppose that the AAA server pushes the key directly to the AR
> using some protocol. That means the AAA server and the AR
> need to share an end-to-end security association, that the
> key must be encrypted in transit, and only the AR can decrypt.
>
Yes, an SA with the AR is required for the protocol.
> Now, suppose that, instead of routing the key directly to the
> AR, it is routed through the NAS instead. If the key is
> end-to-end encrypted, how does that violate the Housley
> criteria? The NAS is acting like a proxy AAA server and
> doesn't ever get to look at the key.
>
I thought that the idea of coupling this with network access is (also) so that you only need an SA between the AAA server and the NAS. If you also have an SA with the AR, this is feasible. But, here are some problems I see with this approach:
- the NAS is potentially different upon every handoff; depending on the scenario, the NAS is an AP, an 802.16 BS, a PAA located at the AR, a PAA separate from the AR, etc. So, this means, the NAS may be doing 802.11i, 802.11r, 802.16 or PANA. Even though it is still EAP in all these cases, I am not sure how a common design can solve this - for e.g., once the NAS gets an EAP-AMSK (that is supposed to serve as the HK), how does it get that to the AR and the corresponding keying material to the MN - that protocol, if implemented using PANA, is unique to PANA and won't be available when the NAS is not a PAA, but an 802.1x authenticator. This is why I was asking if you envision a second EAP-method exchange with a PAA after 802.1x is done, just to derive HKs. Or, I must be missing something.
- Along the same lines, I especially see a problem when 802.11r is used - in this case, there may not be an EAP exchange when the MN hands off. What happens then?
- This method, as Rajeev pointed out, puts HK derivation in the critical handoff path. That seems unnecessary. The MN should be able to hand off with only the essential steps and nothing else.
Vidya
_______________________________________________
Mobopts mailing list
Mobopts at irtf.org
https://www1.ietf.org/mailman/listinfo/mobopts
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.