Closed jariarkko closed 8 months ago
I don't find any Section 4.3 in the document. Section 4 is Requirements Language. Maybe keep for now and we can discuss again after addressing IESG comments.
I assume it refers to this patch: https://github.com/emu-wg/eap-aka-pfs/pull/44/commits/66d4be0beea7b00d96fff977ca9938d5b171a25f
The section contains two paragraphs, the first stating that 3GPP uses AKA for authentication (repeated from the introduction) and the second explaining that FS helps against attacks on the long-term keys (also repeated in the introduction and security considerations, as Jari points out). The second paragraph also ends with text which I don't believe is correct, or is at the least difficult to understand:
Presumably, the attacks discussed in the end are ones happening after the long-term key is compromised. If AKA had FS, that does not give any guarantees for those attacks. That would be a question of post compromise security (PCS). The reason the attacker needs to be active in those attacks when this draft is applied is that DH is used. DH also happens to contribute to the FS property.
So if we keep it, it should at least be corrected.
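A toy model of the distinction Karl draws above (forward secrecy vs. post-compromise security, and why the ephemeral DH forces the attacker to be active). This is an added example, not text or code from the draft or from anyone in this thread: the group (2^127-1 with generator 3), the KDF, the tag construction and the message layout are all constructed stand-ins for the real EAP-AKA' derivation and are not secure parameters.

```python
"""Toy EAP-AKA'-style exchange with and without an ephemeral DH (FS).

Constructed example. It models one long-term key K shared by server and
peer, an AKA-style tag keyed by K, and (optionally) a DH contribution to
the session key. It lets us check three things: without FS, a passive
recorder who later learns K recovers the session key; with FS it does not;
with FS an attacker holding K can still split the session, but only by
being active (and without K its forged tags are rejected).
"""
from __future__ import annotations

import hashlib
import hmac
import secrets

P = (1 << 127) - 1  # Mersenne prime; toy group, NOT a real EAP-AKA' group (constructed)
G = 3


def kdf(*parts: bytes) -> bytes:
    return hashlib.sha256(b"|".join(parts)).digest()


def aka_material(k: bytes, rand: bytes) -> bytes:
    """Stand-in for the CK'/IK'-derived material that AKA yields from K and RAND."""
    return kdf(b"aka", k, rand)


def mac(k: bytes, *parts: bytes) -> bytes:
    """AKA-style integrity tag under the long-term key K."""
    return hmac.new(k, b"|".join(parts), hashlib.sha256).digest()


def enc(v: int) -> bytes:
    return v.to_bytes(16, "big")


def run_session(k: bytes, use_fs: bool, attacker_k: bytes | None = None) -> dict:
    """Run one toy authentication; attacker_k != None puts an active attacker
    holding attacker_k on the path. Returns both ends' keys, the on-the-wire
    transcript, and whatever keys the active attacker derived."""
    rand = secrets.token_bytes(16)
    aka = aka_material(k, rand)          # both ends derive this from K and RAND

    # Server -> Peer: RAND, g^y (if FS), tag over both under K
    y = secrets.randbelow(P - 2) + 1
    gy = pow(G, y, P) if use_fs else 0
    tag_s = mac(k, rand, enc(gy))

    attacker: dict = {}
    if attacker_k is not None:           # attacker swaps in its own g^a and re-tags
        a = secrets.randbelow(P - 2) + 1
        attacker["ga"] = pow(G, a, P) if use_fs else 0
        gy_wire, tag_s = attacker["ga"], mac(attacker_k, rand, enc(attacker["ga"]))
    else:
        gy_wire = gy

    # Peer checks the tag with its own K, then answers with g^x
    if not hmac.compare_digest(tag_s, mac(k, rand, enc(gy_wire))):
        raise ValueError("peer rejects: server-side tag does not verify under K")
    x = secrets.randbelow(P - 2) + 1
    gx = pow(G, x, P) if use_fs else 0
    tag_p = mac(k, rand, enc(gx))
    peer_key = kdf(aka, enc(pow(gy_wire, x, P))) if use_fs else aka

    if attacker_k is not None:           # attacker finishes both halves of the split
        att_aka = aka_material(attacker_k, rand)
        attacker["peer_key"] = kdf(att_aka, enc(pow(gx, a, P))) if use_fs else att_aka
        attacker["server_key"] = kdf(att_aka, enc(pow(gy, a, P))) if use_fs else att_aka
        gx_wire, tag_p = attacker["ga"], mac(attacker_k, rand, enc(attacker["ga"]))
    else:
        gx_wire = gx

    if not hmac.compare_digest(tag_p, mac(k, rand, enc(gx_wire))):
        raise ValueError("server rejects: peer-side tag does not verify under K")
    server_key = kdf(aka, enc(pow(gx_wire, y, P))) if use_fs else aka

    transcript = {"rand": rand, "gy": gy_wire, "gx": gx_wire}
    return {"server_key": server_key, "peer_key": peer_key,
            "transcript": transcript, "attacker": attacker}


def passive_recover(k: bytes, transcript: dict) -> bytes:
    """What a passive recorder can compute after later learning K: the AKA
    material. The DH exponents x, y never appear on the wire, so with FS
    this is all it has."""
    return aka_material(k, transcript["rand"])


def active_attack_rejected(k: bytes, wrong_k: bytes, use_fs: bool) -> bool:
    """True if an active attacker that does NOT hold K is rejected by the peer."""
    try:
        run_session(k, use_fs, attacker_k=wrong_k)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    K = b"\x11" * 16                      # constructed long-term key
    plain = run_session(K, use_fs=False)
    fs = run_session(K, use_fs=True)
    print("no FS, K leaked later, passive recovers:", passive_recover(K, plain["transcript"]) == plain["server_key"])
    print("FS,    K leaked later, passive recovers:", passive_recover(K, fs["transcript"]) == fs["server_key"])
    split = run_session(K, use_fs=True, attacker_k=K)
    print("FS, active attacker with K splits session:", split["server_key"] != split["peer_key"])
    print("FS, active attacker without K rejected:", active_attack_rejected(K, b"\x22" * 16, True))
```

The model reproduces the point made in the comment: FS protects sessions recorded before K leaks against an attacker who stays passive; an attacker who already holds K can still run a full exchange with each side and derive both session keys, but only by injecting its own DH value, which is the active attack the draft's text alludes to and is a question of post-compromise security, not of FS.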
Ok. I shortened the section to say:
I think we closed this one last year
Karl proposed this to be removed as a repetition.
However, the Introduction mentions this only briefly. And the Security Considerations does not mention it at all.
Worth keeping?