
RE: clarification on IKEv2 with EAP
Hi,
Well, I am not especially worried about that, but rather about implementing extra protections when they are not needed. The EAP methods I am now thinking about are EAP SIM and EAP AKA, which already provide some protection mechanisms. If IKEv2, on top of that, gives integrity and encryption to the EAP messages, maybe we will spend unnecessary resources when using EAP SIM/AKA over IKEv2, if we consider that either the IKEv2 or the EAP SIM/AKA level of protection is secure enough.
But I guess other EAP methods do not provide the same level of protection, and that's why IKEv2 has to be designed so as not to depend on EAP implementations.

On the other hand, after reading your paper (the one you are writing with Pasi), I find your proposal to omit AUTH in message 4 very reasonable: if IKEv2 says that in messages 7 and 8 the AUTH payloads will protect messages 1 and 2 (respectively), why send AUTH in message 4? Does message 2 need to be authenticated twice?

Cheers,
David.

-----Original Message-----
From: Tschofenig Hannes [mailto:hannes.tschofenig@siemens.com]
Sent: jueves, 01 de abril de 2004 17:31
To: David Mariblanca (ML/EEM); 'Pasi.Eronen@nokia.com';
ipsec@lists.tislabs.com
Subject: RE: clarification on IKEv2 with EAP


hi david, 

i am only curious: 
why do you worry about the protection of eap messages? 

ciao
hannes


> Ok, I see. I did not remember the EAP messages were already 
> integrity protected and encrypted with Sk_a and Sk_e. Then 
> the AUTH payloads protect the IKE_INIT messages, the ones 
> which were not sent protected since there was no key 
> material yet to do it, correct?
> 
> 
> -----Original Message-----
> From: Pasi.Eronen@nokia.com [mailto:Pasi.Eronen@nokia.com]
> Sent: jueves, 01 de abril de 2004 13:19
> To: David Mariblanca (ML/EEM); ipsec@lists.tislabs.com
> Subject: RE: clarification on IKEv2 with EAP
> 
> 
> 
> David Mariblanca wrote:
> 
> > I will give my interpretation of chapter 16 and please confirm 
> > if it is correct.
> > - The EAP payloads are sent in the IKEv2 messages without 
> > AUTH payloads. The AUTH payloads are sent only in the last 
> > two IKEv2 messages, and they correspond to the last two EAP 
> > messages, that is, AUTH in message 7 to EAP payload in 
> > message 5, and AUTH in message 8 to EAP payload in message 6
> 
> No, AUTH payloads do not authenticate the EAP messages, they
> authenticate the IKEv2 SA (basically information from the 
> first two IKEv2 messages; first paragraph of Section 2.15 
> explains exactly what is included in the "<message octets>").
> 
> (All EAP messages are also MAC'd with SK_ar/SK_ai, but this is 
> not related to AUTH payloads; the integrity protection is 
> included in the "SK{...}" notation).
> 
> Best regards,
> Pasi
>
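The point Pasi makes above (AUTH covers the IKE_SA_INIT octets, while EAP payloads are only protected by the SK{...} integrity check), worked through as an added example that is not part of this thread. It follows the AUTH construction in IKEv2 Section 2.15/2.16 as published in RFC 4306; the prf is assumed to be HMAC-SHA1 and every octet string is a constructed sample value, not captured traffic.

```python
import hmac
import hashlib

# Added example: prf assumed to be HMAC-SHA1; all octets below are constructed
# sample values, not captured IKEv2 traffic.
KEY_PAD = b"Key Pad for IKEv2"

def prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha1).digest()

def initiator_signed_octets(real_message1: bytes, nonce_r_data: bytes,
                            sk_pi: bytes, rest_of_init_id_payload: bytes) -> bytes:
    """InitiatorSignedOctets = RealMessage1 | NonceRData | MACedIDForI,
    where MACedIDForI = prf(SK_pi, RestOfInitIDPayload) (Section 2.15)."""
    return real_message1 + nonce_r_data + prf(sk_pi, rest_of_init_id_payload)

def auth_from_shared_secret(secret: bytes, signed_octets: bytes) -> bytes:
    """AUTH = prf(prf(Shared Secret, "Key Pad for IKEv2"), <message octets>)."""
    return prf(prf(secret, KEY_PAD), signed_octets)

def auth_message7(real_message1, nonce_r_data, sk_pi, rest_of_init_id, eap_msk=None):
    """Initiator AUTH in message 7: with an EAP method that yields an MSK
    (EAP-SIM/AKA do) the MSK is the shared secret, otherwise SK_pi is used."""
    secret = eap_msk if eap_msk is not None else sk_pi
    octets = initiator_signed_octets(real_message1, nonce_r_data, sk_pi, rest_of_init_id)
    return auth_from_shared_secret(secret, octets)

def sk_integrity_tag(sk_a: bytes, encrypted_payload: bytes) -> bytes:
    """Integrity checksum of an SK{...} payload (e.g. one carrying EAP):
    AUTH_HMAC_SHA1_96, i.e. HMAC-SHA1 truncated to 96 bits."""
    return hmac.new(sk_a, encrypted_payload, hashlib.sha1).digest()[:12]

# Constructed sample inputs.
MSG1 = b"IKE_SA_INIT-message-1-as-sent-on-the-wire"
NONCE_R = b"\x11" * 16
SK_PI, SK_AI = b"\x22" * 20, b"\x33" * 20
ID_I = b"\x02\x00\x00\x00" + b"david@example.net"   # IDType | RESERVED | InitIDData
MSK = b"\x44" * 64
EAP_SK = b"encrypted-EAP-Response-carried-in-message-5"

def responder_accepts(auth_received: bytes, msg1_seen: bytes) -> bool:
    """Responder recomputes AUTH over the message 1 it actually received,
    so any change to the unprotected IKE_SA_INIT exchange is detected here."""
    expected = auth_message7(msg1_seen, NONCE_R, SK_PI, ID_I, MSK)
    return hmac.compare_digest(auth_received, expected)
```

Note that the EAP octets never enter the AUTH computation at all; their protection comes only from `sk_integrity_tag` under SK_ai, which is the separation the thread is about.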