{"draft":"draft-ietf-emu-rfc5448bis-10","doc_id":"RFC9048","title":"Improved Extensible Authentication Protocol Method for 3GPP Mobile Network Authentication and Key Agreement (EAP-AKA')","authors":["J. Arkko","V. Lehtovirta","V. Torvinen","P. Eronen"],"format":["HTML","TEXT","PDF","XML"],"page_count":"40","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"EAP Method Update","abstract":"The 3GPP mobile network Authentication and Key Agreement (AKA) is an\r\nauthentication mechanism for devices wishing to access mobile\r\nnetworks. RFC 4187 (EAP-AKA) made the use of this mechanism possible\r\nwithin the Extensible Authentication Protocol (EAP) framework. RFC\r\n5448 (EAP-AKA') was an improved version of EAP-AKA.\r\n\r\nThis document is the most recent specification of EAP-AKA',\r\nincluding, for instance, details about and references related to\r\noperating EAP-AKA' in 5G networks. \r\n\r\nEAP-AKA' differs from EAP-AKA by providing a key derivation function\r\nthat binds the keys derived within the method to the name of the\r\naccess network. The key derivation function has been defined in the\r\n3rd Generation Partnership Project (3GPP). EAP-AKA' allows its use in\r\nEAP in an interoperable manner. EAP-AKA' also updates the algorithm\r\nused in hash functions, as it employs SHA-256 \/ HMAC-SHA-256 instead\r\nof SHA-1 \/ HMAC-SHA-1, which is used in EAP-AKA.\r\n\r\nThis version of the EAP-AKA' specification defines the protocol\r\nbehavior for both 4G and 5G deployments, whereas the previous version\r\ndefined protocol behavior for 4G deployments only. While EAP-AKA' as\r\ndefined in RFC 5448 is not obsolete, this document defines the most\r\nrecent and fully backwards-compatible specification of EAP-AKA'. This\r\ndocument updates both RFCs 4187 and 5448.","pub_date":"October 2021","keywords":["EAP","AKA","AKA'","3GPP"],"obsoletes":[],"obsoleted_by":[],"updates":["RFC5448","RFC4187"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9048","errata_url":null}