Internet Assigned Numbers Authority Extensible Authentication Protocol (EAP) Encrypted Key Exchange (EKE) Registry Created 2010-11-24 Last Updated 2020-04-14 Available Formats [IMG] XML [IMG] HTML [IMG] Plain text Registries included below * EAP-EKE Diffie-Hellman Group Registry * EAP-EKE Encryption Algorithm Registry * EAP-EKE Pseudo Random Function Registry * EAP-EKE Keyed Message Digest (MAC) Registry * EAP-EKE Identity Type Registry * EAP-EKE Channel-Binding Type Registry * EAP-EKE Exchange Registry * EAP-EKE Failure-Code Registry EAP-EKE Diffie-Hellman Group Registry Registration Procedure(s) Specification Required Expert(s) Joseph Salowey Reference [RFC6124] Available Formats [IMG] CSV Value Name Description Reference 0 Reserved [RFC6124] 1 DHGROUP_EKE_2 The prime number of the 1024-bit Group 2 [RFC7296], with the generator 5 (decimal) [RFC6124] 2 DHGROUP_EKE_5 The prime number of the 1536-bit Group 5 [RFC3526], g=31 [RFC6124] 3 DHGROUP_EKE_14 The prime number of the 2048-bit Group 14 [RFC3526], g=11 [RFC6124] 4 DHGROUP_EKE_15 The prime number of the 3072-bit Group 15 [RFC3526], g=5 [RFC6124] 5 DHGROUP_EKE_16 The prime number of the 4096-bit Group 16 [RFC3526], g=5 [RFC6124] 6-127 Unassigned 128-255 Reserved for Private Use [RFC6124] EAP-EKE Encryption Algorithm Registry Registration Procedure(s) Specification Required Expert(s) Joseph Salowey Reference [RFC6124] Available Formats [IMG] CSV Value Name Definition Reference 0 Reserved [RFC6124] 1 ENCR_AES128_CBC AES with a 128-bit key, CBC mode [RFC6124] 2-127 Unassigned 128-255 Reserved for Private Use [RFC6124] EAP-EKE Pseudo Random Function Registry Registration Procedure(s) Specification Required Expert(s) Joseph Salowey Reference [RFC6124] Available Formats [IMG] CSV Value Name Definition Reference 0 Reserved [RFC6124] 1 PRF_HMAC_SHA1 HMAC SHA-1, as defined in [RFC2104] [RFC6124] 2 PRF_HMAC_SHA2_256 HMAC SHA-2-256 [National Institute of Standards and Technology, U.S. Department of Commerce, "Secure [RFC6124] Hash Standard", NIST FIPS 180-3, October 2008.] 3-127 Unassigned 128-255 Reserved for Private Use [RFC6124] EAP-EKE Keyed Message Digest (MAC) Registry Registration Procedure(s) Specification Required Expert(s) Joseph Salowey Reference [RFC6124] Available Formats [IMG] CSV Value Name Key Length (Octets) Definition Reference 0 Reserved [RFC6124] 1 MAC_HMAC_SHA1 20 HMAC SHA-1, as defined in [RFC2104] [RFC6124] 2 MAC_HMAC_SHA2_256 32 HMAC SHA-2-256 [RFC6124] 3-127 Unassigned 128-255 Reserved for Private Use [RFC6124] EAP-EKE Identity Type Registry Registration Procedure(s) Specification Required Expert(s) Joseph Salowey Reference [RFC6124] Available Formats [IMG] CSV Value Name Definition Reference 0 Reserved [RFC6124] 1 ID_OPAQUE An opaque octet string [RFC6124] 2 ID_NAI A Network Access Identifier, as defined in [RFC4282] [RFC6124] 3 ID_IPv4 An IPv4 address, in binary format [RFC6124] 4 ID_IPv6 An IPv6 address, in binary format [RFC6124] 5 ID_FQDN A fully qualified domain name [RFC6124] 6 ID_DN An LDAP Distinguished Name formatted as a string, as defined in [RFC4514] [RFC6124] 7-127 Unassigned 128-255 Reserved for Private Use [RFC6124] EAP-EKE Channel-Binding Type Registry Registration Procedure(s) Specification Required Expert(s) Joseph Salowey Reference [RFC6124] Available Formats [IMG] CSV Value Description Reference 0x0000 Reserved [RFC6124] 0x0001-0xFEFF Unassigned 0xFF00-0xFFFF Reserved for Private Use [RFC6124] EAP-EKE Exchange Registry Registration Procedure(s) RFC Required Reference [RFC6124] Available Formats [IMG] CSV Value Description Reference 0x00 Reserved [RFC6124] 0x01 EAP-EKE-ID exchange [RFC6124] 0x02 EAP-EKE-Commit exchange [RFC6124] 0x03 EAP-EKE-Confirm exchange [RFC6124] 0x04 EAP-EKE-Failure exchange [RFC6124] 0x05-0x7F Unassigned 0x80-0xFF Reserved for Private Use [RFC6124] EAP-EKE Failure-Code Registry Registration Procedure(s) RFC Required Reference [RFC6124] Available Formats [IMG] CSV Value Name Meaning Reference 0x00000000 Reserved [RFC6124] 0x00000001 No Error This code is used for failure acknowledgement. [RFC6124] 0x00000002 Protocol Error A failure to parse or understand a protocol message or one of its payloads. [RFC6124] 0x00000003 Password Not Found A password could not be located for the identity presented by the other protocol party, [RFC6124] making authentication impossible. 0x00000004 Authentication Failure Failure in the cryptographic computation most likely caused by an incorrect password, [RFC6124] or an inappropriate identity type. 0x00000005 Authorization Failure While the password being used is correct, the user is not authorized to connect. [RFC6124] 0x00000006 No Proposal Chosen The peer is unwilling to select any of the cryptographic proposals offered by the [RFC6124] server. 0x00000007-0xFEFFFFFF Unassigned 0xFF000000-0xFFFFFFFF Reserved for Private Use [RFC6124] Licensing Terms