📄 draft-arkko-pppext-eap-aka-15.txt
字号:
Arkko & Haverinen Expires June 21, 2005 [Page 16]
Internet-Draft EAP-AKA Authentication December 20044.1.1.3 Username Types in EAP-AKA Identities There are three types of usernames in EAP-AKA peer identities: (1) Permanent usernames. For example, 0123456789098765@myoperator.com might be a valid permanent identity. In this example, 0123456789098765 is the permanent username. (2) Pseudonym usernames. For example, 2s7ah6n9q@myoperator.com might be a valid pseudonym identity. In this example, 2s7ah6n9q is the pseudonym username. (3) Fast re-authentication usernames. For example, 43953754@myoperator.com might be a valid fast re-authentication identity. In this case, 43953754 is the fast re-authentication username. Unlike permanent usernames and pseudonym usernames, fast re-authentication usernames are one-time identifiers, which are not re-used across EAP exchanges. The first two types of identities are only used on full authentication and the last one only on fast re-authentication. When the optional identity privacy support is not used, the non-pseudonym permanent identity is used on full authentication. The fast re-authentication exchange is specified in Section 5.4.1.1.4 Username Decoration In some environments, the peer may need to decorate the identity by prepending or appending the username with a string, in order to indicate supplementary AAA routing information in addition to the NAI realm. (The usage of a NAI realm portion is not considered to be decoration.) Username decoration is out of the scope of this document. However, it should be noted that username decoration might prevent the server from recognizing a valid username. Hence, although the peer MAY use username decoration in the identities the peer includes in EAP-Response/Identity, and the EAP server MAY accept a decorated peer username in this message, the peer or the EAP server MUST NOT decorate any other peer identities that are used in various EAP-AKA attributes. Only the identity used in EAP-Response/Identity may be decorated.4.1.1.5 NAI Realm Portion The peer MAY include a realm portion in the peer identity, as per the NAI format. The use of a realm portion is not mandatory. If a realm is used, the realm MAY be chosen by the subscriber's home operator and it MAY a configurable parameter in the EAP-AKA peerArkko & Haverinen Expires June 21, 2005 [Page 17]
Internet-Draft EAP-AKA Authentication December 2004 implementation. In this case, the peer is typically configured with the NAI realm of the home operator. Operators MAY reserve a specific realm name for EAP-AKA users. This convention makes it easy to recognize that the NAI identifies an AKA subscriber. Such reserved NAI realm may be useful as a hint as to the first authentication method to use during method negotiation. When the peer is using a pseudonym username instead of the permanent username, the peer selects the realm name portion similarly as it select the realm portion when using the permanent username. If no configured realm name is available, the peer MAY derive the realm name from the MCC and MNC portions of the IMSI. A RECOMMENDED way to derive the realm from the IMSI using the realm 3gppnetwork.org will be specified in [Draft 3GPP TS 23.003]. Some old implementations derive the realm name from the IMSI by concatenating "mnc", the MNC digits of IMSI, ".mcc", the MCC digits of IMSI and ".owlan.org". For example, if the IMSI is 123456789098765, and the MNC is three digits long, then the derived realm name is "mnc456.mcc123.owlan.org". As there are no DNS servers running at owlan.org, these realm names can only be used with manually configured AAA routing. New implementations SHOULD use the mechanism specified in [Draft 3GPP TS 23.003] instead of owlan.org as soon as the 3GPP specification is finalized. The IMSI is a string of digits without any explicit structure, so the peer may not be able to determine the length of the MNC portion. If the peer is not able to determine whether the MNC is two or three digits long, the peer MAY use a 3-digit MNC. If the correct length of the MNC is two, then the MNC used in the realm name includes the first digit of MSIN. Hence, when configuring AAA networks for operators that have 2-digit MNC's, the network SHOULD also be prepared for realm names with incorrect 3-digit MNC's.4.1.1.6 Format of the Permanent Username The non-pseudonym permanent username SHOULD be derived from the IMSI. In this case, the permanent username MUST be of the format "0" | IMSI, where the character "|" denotes concatenation. In other words, the first character of the username is the digit zero (ASCII value 30 hexadecimal), followed by the IMSI. The IMSI is an ASCII string that consists of not more than 15 decimal digits (ASCII values between 30 and 39 hexadecimal), one character per IMSI digit, in the order as specified in [TS 23.003]. For example, a permanent username derived from the IMSI 295023820005424 would be encoded as the ASCII string "0295023820005424" (byte values in hexadecimal notation: 30 32 39 35 30 32 33 38 32 30 30 30 35 34 32 34)Arkko & Haverinen Expires June 21, 2005 [Page 18]
Internet-Draft EAP-AKA Authentication December 2004 The EAP server MAY use the leading "0" as a hint to try EAP-AKA as the first authentication method during method negotiation, rather than for example EAP-SIM. The EAP-AKA server MAY propose EAP-AKA even if the leading character was not "0". Alternatively, an implementation MAY choose a permanent username that is not based on the IMSI. In this case the selection of the username, its format, and its processing is out of the scope of this document. In this case, the peer implementation MUST NOT prepend any leading characters to the username.4.1.1.7 Generating Pseudonyms and Fast Re-authentication Identities by the Server Pseudonym usernames and fast re-authentication identities are generated by the EAP server. The EAP server produces pseudonym usernames and fast re-authentication identities in an implementation-dependent manner. Only the EAP server needs to be able to map the pseudonym username to the permanent identity, or to recognize a fast re-authentication identity. EAP-AKA includes no provisions to ensure that the same EAP server that generated a pseudonym username will be used on the authentication exchange when the pseudonym username is used. It is recommended that the EAP servers implement some centralized mechanism to allow all EAP servers of the home operator to map pseudonyms generated by other severs to the permanent identity. If no such mechanism is available, then the EAP server failing to understand a pseudonym issued by another server can request the peer to send the permanent identity. When issuing a fast re-authentication identity, the EAP server may include a realm name in the identity to make the fast re-authentication request be forwarded to the same EAP server. When generating fast re-authentication identities, the server SHOULD choose a fresh new fast re-authentication identity that is different from the previous ones used after the same full authentication exchange. A full authentication exchange and the associated fast re-authentication exchanges are referred to here as the same "full authentication context". The fast re-authentication identity SHOULD include a random component. The random component works as a full authentication context identifier. A context-specific fast re-authentication identity can help the server to detect whether its fast re-authentication state information matches the peer's fast re-authentication state information (in other words whether the state information is from the same full authentication exchange). The random component also makes the fast re-authentication identitiesArkko & Haverinen Expires June 21, 2005 [Page 19]
Internet-Draft EAP-AKA Authentication December 2004 unpredictable, so an attacker cannot initiate a fast re-authentication exchange to get the server's EAP-Request/AKA-Reauthentication packet. Transmitting pseudonyms and fast re-authentication identities from the server to the peer is discussed in Section 4.1.1.8. The pseudonym is transmitted as a username, without an NAI realm, and the fast re-authentication identity is transmitted as a complete NAI, including a realm portion if a realm is required. The realm is included in the fast re-authentication identity in order to allow the server to include a server-specific realm. Regardless of construction method, the pseudonym username MUST conform to the grammar specified for the username portion of an NAI. The fast re-authentication identity also MUST conform to the NAI grammar. The EAP servers that the subscribers of an operator can use MUST ensure that the pseudonym usernames and the username portions used in fast re-authentication identities they generate are unique. In any case, it is necessary that permanent usernames, pseudonym usernames and fast re-authentication usernames are separate and recognizable from each other. It is also desirable that EAP-SIM and EAP-AKA user names be recognizable from each other as an aid for the server to which method to offer. In general, it is the task of the EAP server and the policies of its administrator to ensure sufficient separation in the usernames. Pseudonym usernames and fast re-authentication usernames are both produced and used by the EAP server. The EAP server MUST compose pseudonym usernames and fast re-authentication usernames so that it can recognize if a NAI username is an EAP-AKA pseudonym username or an EAP-AKA fast re-authentication username. For instance, when the usernames have been derived from the IMSI, the server could use different leading characters in the pseudonym usernames and fast re-authentication usernames (e.g. the pseudonym could begin with a leading "2" character). When mapping a fast re-authentication identity to a permanent identity, the server SHOULD only examine the username portion of the fast re-authentication identity and ignore the realm portion of the identity. Because the peer may fail to save a pseudonym username sent to in an EAP-Request/AKA-Challenge, for example due to malfunction, the EAP server SHOULD maintain at least the most recently used pseudonym username in addition to the most recently issued pseudonym username. If the authentication exchange is not completed successfully, then the server SHOULD NOT overwrite the pseudonym username that was issued during the most recent successful authentication exchange.Arkko & Haverinen Expires June 21, 2005 [Page 20]
Internet-Draft EAP-AKA Authentication December 20044.1.1.8 Transmitting Pseudonyms and Fast Re-authentication Identities to the Peer The server transmits pseudonym usernames and fast re-authentication identities to the peer in cipher, using the AT_ENCR_DATA attribute. The EAP-Request/AKA-Challenge message MAY include an encrypted pseudonym username and/or an encrypted fast re-authentication identity in the value field of the AT_ENCR_DATA attribute. Because identity privacy support and fast re-authentication are optional to implement, the peer MAY ignore the AT_ENCR_DATA attribute and always use the permanent identity. On fast re-authentication (discussed in Section 5), the server MAY include a new encrypted fast re-authentication identity in the EAP-Request/AKA-Reauthentication message. On receipt of the EAP-Request/AKA-Challenge, the peer MAY decrypt the encrypted data in AT_ENCR_DATA and if a pseudonym username is included, the peer may use the obtained pseudonym username on the next full authentication. If a fast re-authentication identity is included, then the peer MAY save it together with other fast re-authentication state information, as discussed in Section 5, for the next fast re-authentication. If the peer does not receive a new pseudonym username in the EAP- Request/AKA-Challenge message, the peer MAY use an old pseudonym username instead of the permanent username on next full authentication. The username portions of fast re-authentication identities are one-time usernames, which the peer MUST NOT re-use. When the peer uses a fast re-authentication identity in an EAP exchange, the peer MUST discard the fast re-authentication identity and not re-use it in another EAP authentication exchange, even if the authentication exchange was not completed.4.1.1.9 Usage of the Pseudonym by the Peer When the optional identity privacy support is used on full authentication, the peer MAY use a pseudonym username received as part of a previous full authentication sequence as the username portion of the NAI. The peer MUST NOT modify the pseudonym username received in AT_NEXT_PSEUDONYM. However, as discussed above, the peer MAY need to decorate the username in some environments by appending or prepending the username with a string that indicates supplementary AAA routing information. When using a pseudonym username in an environment where a realm portion is used, the peer concatenates the received pseudonym username with the "@" character and a NAI realm portion. TheArkko & Haverinen Expires June 21, 2005 [Page 21]
Internet-Draft EAP-AKA Authentication December 2004 selection of the NAI realm is discussed above. The peer can select the realm portion similarly regardless of whether it uses the permanent username or a pseudonym username.4.1.1.10 Usage of the Fast Re-authentication Identity by the Peer On fast re-authentication, the peer uses the fast re-authentication identity, received as part of the previous authentication sequence. A new fast re-authentication identity may be delivered as part of both full authentication and fast re-authentication. The peer MUST⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -