mipshop-3----Page:7
1 2 3 4 5 6 7 8 9 10
|
HK Derivation via Network Access Derive HK as EAP AMSK upon handoff Transport HK from EAP NAS to AR Option 1: Send HK to AR immediately Option 2: AR can request HK when needed (upon receiving FBU) Pros Closely tied to network access EAP/AAA No new protocol required on the MN Clients already doing EAP/AAA need no other pre-configured keys |