Hi,

I would appreciate it if you could forward this question to the list.

I have a question regarding EAP-TLS. I am trying to understand if it is possible for an attacker to extract the EMSK from EAP peer memory (if not protected), plant it inside another EAP peer, and establish new child keys for the new peer. I guess sessionID is a measure against this, but I did not see anything in RFC 5216 that says the EAP server checks for uniqueness of sessionIDs across clients. It only says that if it finds the sessionID, it resumes the session, and if it does not, it tries to start a new session. So I guess if the attacker extracted both EMSK and sessionID, the attack would be possible, no?

The other related question is: what needs to happen before session resumption? Is there a state between the initially authenticated active session and the resumed one? Does the EAP session go dormant? The reason I ask is whether the server keeps track of active sessionIDs or dormant sessionIDs? Can two peers use the same sessionID at the same time?

Thanks,
Madjid
_______________________________________________
Emu mailing list
Emu@ietf.org
https://www.ietf.org/mailman/listinfo/emu