EAP-AKA

Jagan Mohan Reddy jmkreddy123 at gmail.com
Fri Jun 1 01:35:27 EDT 2007


Hi Jouni,
             Woow! Thank you very much for the detailed description, now I
can sigh a bit.

Since all I have are some dummy SIMs from various providers they are not
gonna tell me the private key unless its a SIM made to work with specific
AAA/HLR vendor.
Is there a work around? If not do we have any alternative that I can go buy
some SIMs with private keys? I know this is outside the scope but just
seeking some help to make use of hostapd.

Cheers,
Jagan



On 5/31/07, Jouni Malinen <j at w1.fi> wrote:
>
> On Thu, May 31, 2007 at 02:44:05PM -0700, Jagan Mohan Reddy wrote:
>
> >           Does any one know how to configure SIM details in the database
> > to test EAP-AKA authentication? Is there a tool out there to extract 3G
> SIM
> > details?
>
> EAP-AKA uses AKA and USIM, so "SIM details" is bit misleading here.
> Furthermore, AKA design include replay protection at the USIM which
> means that one cannot just extract authentication data from a USIM and
> then replay it for a test (which is something that can be done with GSM
> authentication and EAP-SIM). The USIM will just reject such attempts as
> replays.
>
> In other to test EAP-AKA, one would need to know enough details of the
> USIM used at the client to produce suitable authentication parameters.
> I've been using hostapd and the included hlr_auc_gw as the
> authentication server for EAP-AKA when testing EAP-AKA with a USIM. Some
> of the USIM cards I have implement the example algorithm, Milenage,
> defined by 3GPP and hlr_auc_gw has an implementation for it, too. Since
> I happen to know the private key for the USIM, I can configure
> hlr_auc_gw to generate authentication values that work with the card.
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20070531/1fab7195/attachment.htm 


More information about the HostAP mailing list