eap-8 Page:12

Pitfalls for the Unwary
Arbitrary AAA EAP key attributes
Transport keys derived by EAP methods
Critical to EAP interoperability: NAS expects MSK, not session key
Can encourage bad practices: ciphersuite-specific EAP methods
Improper key hierarchies
Loops can dilute key strength
Early 802.11i proposals had this problem
EAP methods generating keys without sufficient entropy
802.11i assumes a 256-bit PMK!
Issue for EAP SIM and EAP GSS
EAP methods without nonce exchanges
May not be able to generate required cryptographic separation without a subsequent nonce exchange
Could cause method to work only on some media (e.g. 802.11 vs. PPP)
Issue for EAP SRP