Extensible Authentication Protocol (EAP) Encrypted Key Exchange (EKE) Registry
- Created
- 2010-11-24
- Last Updated
- 2020-04-14
- Available Formats
-
XML
HTML
Plain text
Registries included below
- EAP-EKE Diffie-Hellman Group Registry
- EAP-EKE Encryption Algorithm Registry
- EAP-EKE Pseudo Random Function Registry
- EAP-EKE Keyed Message Digest (MAC) Registry
- EAP-EKE Identity Type Registry
- EAP-EKE Channel-Binding Type Registry
- EAP-EKE Exchange Registry
- EAP-EKE Failure-Code Registry
EAP-EKE Diffie-Hellman Group Registry
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Joseph Salowey
- Reference
- [RFC6124]
- Available Formats
-
CSV
| Value | Name | Description | Reference |
|---|---|---|---|
| 0 | Reserved | [RFC6124] | |
| 1 | DHGROUP_EKE_2 | The prime number of the 1024-bit Group 2 [RFC7296], with the generator 5 (decimal) | [RFC6124] |
| 2 | DHGROUP_EKE_5 | The prime number of the 1536-bit Group 5 [RFC3526], g=31 | [RFC6124] |
| 3 | DHGROUP_EKE_14 | The prime number of the 2048-bit Group 14 [RFC3526], g=11 | [RFC6124] |
| 4 | DHGROUP_EKE_15 | The prime number of the 3072-bit Group 15 [RFC3526], g=5 | [RFC6124] |
| 5 | DHGROUP_EKE_16 | The prime number of the 4096-bit Group 16 [RFC3526], g=5 | [RFC6124] |
| 6-127 | Unassigned | ||
| 128-255 | Reserved for Private Use | [RFC6124] |
EAP-EKE Encryption Algorithm Registry
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Joseph Salowey
- Reference
- [RFC6124]
- Available Formats
-
CSV
| Value | Name | Definition | Reference |
|---|---|---|---|
| 0 | Reserved | [RFC6124] | |
| 1 | ENCR_AES128_CBC | AES with a 128-bit key, CBC mode | [RFC6124] |
| 2-127 | Unassigned | ||
| 128-255 | Reserved for Private Use | [RFC6124] |
EAP-EKE Pseudo Random Function Registry
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Joseph Salowey
- Reference
- [RFC6124]
- Available Formats
-
CSV
| Value | Name | Definition | Reference |
|---|---|---|---|
| 0 | Reserved | [RFC6124] | |
| 1 | PRF_HMAC_SHA1 | HMAC SHA-1, as defined in [RFC2104] | [RFC6124] |
| 2 | PRF_HMAC_SHA2_256 | HMAC SHA-2-256 [National Institute of Standards and Technology, U.S. Department of Commerce, "Secure Hash Standard", NIST FIPS 180-3, October 2008.] | [RFC6124] |
| 3-127 | Unassigned | ||
| 128-255 | Reserved for Private Use | [RFC6124] |
EAP-EKE Keyed Message Digest (MAC) Registry
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Joseph Salowey
- Reference
- [RFC6124]
- Available Formats
-
CSV
| Value | Name | Key Length (Octets) | Definition | Reference |
|---|---|---|---|---|
| 0 | Reserved | [RFC6124] | ||
| 1 | MAC_HMAC_SHA1 | 20 | HMAC SHA-1, as defined in [RFC2104] | [RFC6124] |
| 2 | MAC_HMAC_SHA2_256 | 32 | HMAC SHA-2-256 | [RFC6124] |
| 3-127 | Unassigned | |||
| 128-255 | Reserved for Private Use | [RFC6124] |
EAP-EKE Identity Type Registry
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Joseph Salowey
- Reference
- [RFC6124]
- Available Formats
-
CSV
| Value | Name | Definition | Reference |
|---|---|---|---|
| 0 | Reserved | [RFC6124] | |
| 1 | ID_OPAQUE | An opaque octet string | [RFC6124] |
| 2 | ID_NAI | A Network Access Identifier, as defined in [RFC4282] | [RFC6124] |
| 3 | ID_IPv4 | An IPv4 address, in binary format | [RFC6124] |
| 4 | ID_IPv6 | An IPv6 address, in binary format | [RFC6124] |
| 5 | ID_FQDN | A fully qualified domain name | [RFC6124] |
| 6 | ID_DN | An LDAP Distinguished Name formatted as a string, as defined in [RFC4514] | [RFC6124] |
| 7-127 | Unassigned | ||
| 128-255 | Reserved for Private Use | [RFC6124] |
EAP-EKE Channel-Binding Type Registry
- Registration Procedure(s)
-
Specification Required
- Expert(s)
-
Joseph Salowey
- Reference
- [RFC6124]
- Available Formats
-
CSV
| Value | Description | Reference |
|---|---|---|
| 0x0000 | Reserved | [RFC6124] |
| 0x0001-0xFEFF | Unassigned | |
| 0xFF00-0xFFFF | Reserved for Private Use | [RFC6124] |
EAP-EKE Exchange Registry
- Registration Procedure(s)
-
RFC Required
- Reference
- [RFC6124]
- Available Formats
-
CSV
| Value | Description | Reference |
|---|---|---|
| 0x00 | Reserved | [RFC6124] |
| 0x01 | EAP-EKE-ID exchange | [RFC6124] |
| 0x02 | EAP-EKE-Commit exchange | [RFC6124] |
| 0x03 | EAP-EKE-Confirm exchange | [RFC6124] |
| 0x04 | EAP-EKE-Failure exchange | [RFC6124] |
| 0x05-0x7F | Unassigned | |
| 0x80-0xFF | Reserved for Private Use | [RFC6124] |
EAP-EKE Failure-Code Registry
- Registration Procedure(s)
-
RFC Required
- Reference
- [RFC6124]
- Available Formats
-
CSV
| Value | Name | Meaning | Reference |
|---|---|---|---|
| 0x00000000 | Reserved | [RFC6124] | |
| 0x00000001 | No Error | This code is used for failure acknowledgement. | [RFC6124] |
| 0x00000002 | Protocol Error | A failure to parse or understand a protocol message or one of its payloads. | [RFC6124] |
| 0x00000003 | Password Not Found | A password could not be located for the identity presented by the other protocol party, making authentication impossible. | [RFC6124] |
| 0x00000004 | Authentication Failure | Failure in the cryptographic computation most likely caused by an incorrect password, or an inappropriate identity type. | [RFC6124] |
| 0x00000005 | Authorization Failure | While the password being used is correct, the user is not authorized to connect. | [RFC6124] |
| 0x00000006 | No Proposal Chosen | The peer is unwilling to select any of the cryptographic proposals offered by the server. | [RFC6124] |
| 0x00000007-0xFEFFFFFF | Unassigned | ||
| 0xFF000000-0xFFFFFFFF | Reserved for Private Use | [RFC6124] |