Internet-Draft EAP-MPSK March 2024
Yan Expires 5 September 2024 [Page]
Intended Status:
Standards Track
L. Yan, Ed.

EAP Multiple Pre-Shared Keys (EAP-MPSK) Method


This document defines an Extensible Authentication Protocol (EAP) method for supporting the negotiation of a PSK among multiple PSKs.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 5 September 2024.

Table of Contents

1. Introduction

The existing PSK-based EAP methods, EAP-GPSK [RFC5433], EAP-PSK [RFC4764], EAP-SAKE [RFC4763] and EAP-PAX [RFC4746], assumed that only one PSK had been configured for the EAP peer and server. A single PSK does not provide perfect forward secrecy [RFC5433].
Compromise of the PSK leads to compromise of recorded past sessions. Moreover, compromise of the PSK enables the attacker to impersonate the peer and the server, and it allows the adversary to compromise future sessions. One solution is to use multiple PSKs between the EAP peer and server.

Traditional manual configuration of PSKs lacks automation and is less efficient. Currently, there are some new manners of configuring PSKs more efficiently. Quantum keys generated by a quantum network can be automatically obtained through a network and configured as PSKs. In the mobile communication scenario, plenty of quantum keys can be offline implanted into mobile terminals. In the post-quantum scenario, each communication peer is typically assumed to have a list of post-quantum PSKs [RFC8784]. If there are ample PSKs, using each PSK only once will provide perfect forward secrecy. Moreover, the attacker cannot impersonate the peer and the server by compromising a used PSK; one PSK's compromise will not influence future sessions.

Furthermore, the issue of PSK identity collisions should be considered when managing multiple PSKs. PSKs can be configured in different manners, for example, through traditional manual configuration or obtained through quantum key generators. The PSK identities in different configuration methods usually do not have a unified plan. Thus, it is possible that a PSK identity may clash with another PSK identity configured in a different manner. Even obtained from different quantum key generators, the PSKs' identity may have a collision. Thus, multiple PSKs should be managed by category.

This document modifies the EAP-GPSK to support the negotiation of a PSK among multiple PSKs.

1.2. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

2. Overview

3. Security Considerations

4. IANA Considerations

5. References

5.1. Normative References

Clancy, T. and H. Tschofenig, "Extensible Authentication Protocol - Generalized Pre-Shared Key (EAP-GPSK) Method", RFC 5433, DOI 10.17487/RFC5433, , <>.
Fluhrer, S., Kampanakis, P., McGrew, D., and V. Smyslov, "Mixing Preshared Keys in the Internet Key Exchange Protocol Version 2 (IKEv2) for Post-quantum Security", RFC 8784, DOI 10.17487/RFC8784, , <>.
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <>.
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <>.

5.2. Informative References

Clancy, T. and W. Arbaugh, "Extensible Authentication Protocol (EAP) Password Authenticated Exchange", RFC 4746, DOI 10.17487/RFC4746, , <>.
Bersani, F. and H. Tschofenig, "The EAP-PSK Protocol: A Pre-Shared Key Extensible Authentication Protocol (EAP) Method", RFC 4764, DOI 10.17487/RFC4764, , <>.
Vanderveen, M. and H. Soliman, "Extensible Authentication Protocol Method for Shared-secret Authentication and Key Establishment (EAP-SAKE)", RFC 4763, DOI 10.17487/RFC4763, , <>.



Author's Address

Lei YAN (editor)
Ruanjiandadao Road