About the EAP-AKA

Jouni Malinen j at w1.fi
Sat Oct 1 13:57:05 EDT 2011


On Fri, Sep 30, 2011 at 02:56:57PM +0800, 万青松 wrote:
> I just make the hostapd as an Authentication server to test the EAP-AKA.
> In the hlr_auc_gw.milenage_db there's some parameters, such as IMSI Ki OPc AMF SQN.
> #232010000000000 90dca4eda45b53cf0f12d7c9c3bc6a89 cb9cccc4b9258e6dca4760379fb82581 61df 000000000000
> I've got an USIM card and its IMSI,  but can not get the others.
> Maybe the "Ki OPc AMF SQN" should not be changed, only change the IMSI ?

Is that a test USIM card? The Milenage implementation in hlr_auc_gw
depends on you knowing the parameters to allow matching UMTS
authentication to be implemented. If you do not have this type of
parameters for the USIM card, you cannot use it in tests with
hlr_auc_gw.

> And another issue is the hostapd.eap_user. This is my configuration:
> #"cisco"*  AKA
> The "cisco" is the radius user name.
> Is there something wrong?

Is that like commented out ('#') on purpose? In addition, EAP-AKA user
names are normal used with a special prefix (0, 2, or 4) to indicate
which identity type is being used.

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list