{"draft":"draft-ietf-emu-crypto-bind-04","doc_id":"RFC7029","title":"Extensible Authentication Protocol (EAP) Mutual Cryptographic Binding","authors":["S. Hartman","M. Wasserman","D. Zhang"],"format":["ASCII","HTML"],"page_count":"19","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"EAP Method Update","abstract":"As the Extensible Authentication Protocol (EAP) evolves, EAP peers\r\nrely increasingly on information received from the EAP server.  EAP\r\nextensions such as channel binding or network posture information are\r\noften carried in tunnel methods; peers are likely to rely on this\r\ninformation.  Cryptographic binding is a facility described in RFC\r\n3748 that protects tunnel methods against man-in-the-middle attacks.\r\nHowever, cryptographic binding focuses on protecting the server\r\nrather than the peer.  This memo explores attacks possible when the\r\npeer is not protected from man-in-the-middle attacks and recommends\r\ncryptographic binding based on an Extended Master Session Key, a new\r\nform of cryptographic binding that protects both peer and server\r\nalong with other mitigations.","pub_date":"October 2013","keywords":["MITM","man-in-the-middle","EMSK crypto binding","Extended Master Session Key","tunnel"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7029","errata_url":null}