RFC 9678
Forward Secrecy Extension to the Improved Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' FS), March 2025
- Status:
- PROPOSED STANDARD
- Updates:
- RFC 5448, RFC 9048
- Authors:
- J. Arkko, K. Norrman, J. Preuß Mattsson
- Stream:
- IETF
- Source:
- emu (sec)
DOI: https://doi.org/10.17487/RFC9678
Discuss this RFC: Send questions or comments to the mailing list emu@ietf.org
Abstract
This document updates RFC 9048, "Improved Extensible Authentication Protocol Method for 3GPP Mobile Network Authentication and Key Agreement (EAP-AKA')", and its predecessor RFC 5448 with an optional extension providing ephemeral key exchange. The extension EAP-AKA' Forward Secrecy (EAP-AKA' FS), when negotiated, provides forward secrecy for the session keys generated as a part of the authentication run in EAP-AKA'. This prevents an attacker who has gained access to the long-term key from obtaining session keys established in the past. In addition, EAP-AKA' FS mitigates passive attacks (e.g., large-scale pervasive monitoring) against future sessions. This forces attackers to use active attacks instead.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.