Extensible Authentication Protocol (EAP) Encrypted Key Exchange (EKE) Registry

Extensible Authentication Protocol (EAP) Encrypted Key Exchange (EKE) Registry 2010-11-24 2020-04-14 EAP-EKE Diffie-Hellman Group Registry Specification Required Joseph Salowey 0 Reserved 1 DHGROUP_EKE_2 The prime number of the 1024-bit Group 2 , with the generator 5 (decimal) 2 DHGROUP_EKE_5 The prime number of the 1536-bit Group 5 , g=31 3 DHGROUP_EKE_14 The prime number of the 2048-bit Group 14 , g=11 4 DHGROUP_EKE_15 The prime number of the 3072-bit Group 15 , g=5 5 DHGROUP_EKE_16 The prime number of the 4096-bit Group 16 , g=5 6-127 Unassigned 128-255 Reserved for Private Use EAP-EKE Encryption Algorithm Registry Specification Required Joseph Salowey 0 Reserved 1 ENCR_AES128_CBC AES with a 128-bit key, CBC mode 2-127 Unassigned 128-255 Reserved for Private Use EAP-EKE Pseudo Random Function Registry Specification Required Joseph Salowey 0 Reserved 1 PRF_HMAC_SHA1 HMAC SHA-1, as defined in 2 PRF_HMAC_SHA2_256 HMAC SHA-2-256 [National Institute of Standards and Technology, U.S. Department of Commerce, "Secure Hash Standard", NIST FIPS 180-3, October 2008.] 3-127 Unassigned 128-255 Reserved for Private Use EAP-EKE Keyed Message Digest (MAC) Registry Specification Required Joseph Salowey 0 Reserved 1 MAC_HMAC_SHA1 20 HMAC SHA-1, as defined in 2 MAC_HMAC_SHA2_256 32 HMAC SHA-2-256 3-127 Unassigned 128-255 Reserved for Private Use EAP-EKE Identity Type Registry Specification Required Joseph Salowey 0 Reserved 1 ID_OPAQUE An opaque octet string 2 ID_NAI A Network Access Identifier, as defined in 3 ID_IPv4 An IPv4 address, in binary format 4 ID_IPv6 An IPv6 address, in binary format 5 ID_FQDN A fully qualified domain name 6 ID_DN An LDAP Distinguished Name formatted as a string, as defined in 7-127 Unassigned 128-255 Reserved for Private Use EAP-EKE Channel-Binding Type Registry Specification Required Joseph Salowey 0x0000 Reserved 0x0001-0xFEFF Unassigned 0xFF00-0xFFFF Reserved for Private Use EAP-EKE Exchange Registry RFC Required 0x00 Reserved 0x01 EAP-EKE-ID exchange 0x02 EAP-EKE-Commit exchange 0x03 EAP-EKE-Confirm exchange 0x04 EAP-EKE-Failure exchange 0x05-0x7F Unassigned 0x80-0xFF Reserved for Private Use EAP-EKE Failure-Code Registry RFC Required 0x00000000 Reserved 0x00000001 No Error This code is used for failure acknowledgement. 0x00000002 Protocol Error A failure to parse or understand a protocol message or one of its payloads. 0x00000003 Password Not Found A password could not be located for the identity presented by the other protocol party, making authentication impossible. 0x00000004 Authentication Failure Failure in the cryptographic computation most likely caused by an incorrect password, or an inappropriate identity type. 0x00000005 Authorization Failure While the password being used is correct, the user is not authorized to connect. 0x00000006 No Proposal Chosen The peer is unwilling to select any of the cryptographic proposals offered by the server. 0x00000007-0xFEFFFFFF Unassigned 0xFF000000-0xFFFFFFFF Reserved for Private Use