Table of Contents

 1     Scope          
 2     References               
 3     Terms and definitions           
        3.1     Terms defined elsewhere        
        3.2     Terms defined in this Recommendation            
 4     Abbreviations and acronyms             
 5     Conventions             
 6     EAP-based authentication and key management framework             
        6.1     Introduction   
        6.2     General features of EAP           
        6.3     Basic operational procedures for authentication and key management protocols          
 7     EAP protocols           
        7.1     Vulnerabilities in EAP 
        7.2     Set of requirements for EAP   
        7.3     Criteria for evaluating and classifying EAP methods      
        7.4     EAP method   
        7.5     Evaluation of existing EAP methods     
 8     Key management   
        8.1     Practical threats to a specific wireless access network 
        8.2     General operational phases for key management        
        8.3     Set of requirements for key management       
        8.4     Flow of the key management protocol              
        8.5     Requirements classification of key management           
 9     Cryptographic key for key management      
        9.1     General policy model 
        9.2     Possible cryptographic key hierarchy and key derivation            
Appendix I – Evaluation of existing EAP methods    
Appendix II – AAA protocol    
Appendix III – Overview of the existing EAP methods    
      III.1     Pre-shared secret-based EAP methods              
      III.2     EAP methods based on public key        
      III.3     EAP methods that support both shared secret and public key 
      III.4     Tunnel-based EAP methods