Questions on using EAP-AKA

Ben Greear greearb at candelatech.com
Mon Dec 30 14:04:13 EST 2013


On 12/24/2013 01:34 PM, Jouni Malinen wrote:
> On Tue, Dec 24, 2013 at 12:01:26PM -0800, Ben Greear wrote:
>> It seems that the SQN is expected to start at some known value, and increment
>> for each connection attempt (from brief reading of RFC 4187).
>> There is a protocol (AUTS) to re-sync if UE is out of sync.
>>
>> Do you know if this is properly handled in wpa_supplicant?
> 
> Yes
> 
>> If so, does it really matter much what the SQN is initially configured to be?
> 
> For many testing cases, this does not really matter much unless you are
> looking into testing EAP-AKA replay protection itself.

Ok, I am not sure whether the SQN handling is working properly or not, but
it appears the main failure at this point is that I am using gnutls
and it does not support a method called by eap_sim_derive_keys:


int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
{
	/* FIX: how to do this with libgcrypt? */
	return -1;
}


I see another note in the supplicant config file that openssl does
not support all of EAP-FAST unless patched.

So, the question is, what SSL should I use for fullest functionality?

I will add some extra logging to print big errors if eap_sim_derive_keys
fails, as it appears that can only happen when the SSL implementation
is deficient.

Maybe it should even be a build error to compile in AKA while using gnutls?

Thanks,
Ben


-- 
Ben Greear <greearb at candelatech.com>
Candela Technologies Inc  http://www.candelatech.com
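What the stubbed fips186_2_prf is supposed to compute, as an added reference implementation in Python (not wpa_supplicant's own code, which does this in C): the FIPS 186-2 PRF with its SHA-1-based G function, plus the RFC 4187 MK computation and K_encr/K_aut/MSK/EMSK split that eap_sim_derive_keys feeds it. The identity, IK and CK values in the main block are constructed placeholders, not a real AKA vector.

```python
import hashlib
import struct

_IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)  # SHA-1 IV = FIPS 186-2's fixed t

def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def sha1_compress(state, block):
    """FIPS 186-2's G(t, c): one SHA-1 block iteration (with feed-forward) over a raw
    64-byte block, with none of the padding or length field a full SHA-1 adds."""
    w = list(struct.unpack(">16I", block))
    for i in range(16, 80):
        w.append(_rotl(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1))
    a, b, c, d, e = state
    for i in range(80):
        if i < 20: f, k = (b & c) | (~b & d), 0x5A827999
        elif i < 40: f, k = b ^ c ^ d, 0x6ED9EBA1
        elif i < 60: f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else: f, k = b ^ c ^ d, 0xCA62C1D6
        tmp = (_rotl(a, 5) + (f & 0xFFFFFFFF) + e + k + w[i]) & 0xFFFFFFFF
        a, b, c, d, e = tmp, a, _rotl(b, 30), c, d
    return tuple((s + v) & 0xFFFFFFFF for s, v in zip(state, (a, b, c, d, e)))

def sha1_compress_matches_hashlib(msg):
    """Sanity check for G: apply standard SHA-1 padding to a short message by hand."""
    block = msg + b"\x80" + bytes(55 - len(msg)) + struct.pack(">Q", 8 * len(msg))
    digest = b"".join(struct.pack(">I", v) for v in sha1_compress(_IV, block))
    return digest == hashlib.sha1(msg).digest()

def fips186_2_prf(seed, xlen):
    """The PRF eap_sim_derive_keys needs (FIPS 186-2 change notice 1, as RFC 4186/4187
    use it): XKEY = 160-bit seed, XSEED_j = 0, x_j = G(t, XKEY), XKEY = 1 + XKEY + x_j."""
    xkey, out = int.from_bytes(seed[:20], "big"), bytearray()
    while len(out) < xlen:
        xval = xkey.to_bytes(20, "big") + bytes(44)   # XKEY zero-padded to a 512-bit block
        x_j = b"".join(struct.pack(">I", v) for v in sha1_compress(_IV, xval))
        out += x_j
        xkey = (1 + xkey + int.from_bytes(x_j, "big")) % (1 << 160)   # mod 2^b, b = 160
    return bytes(out[:xlen])

def eap_aka_derive_keys(identity, ik, ck):
    """RFC 4187 section 7: MK = SHA1(Identity|IK|CK), then 160 PRF bytes are split into
    K_encr(16) | K_aut(16) | MSK(64) | EMSK(64)."""
    mk = hashlib.sha1(identity + ik + ck).digest()
    ks = fips186_2_prf(mk, 160)
    return {"mk": mk, "k_encr": ks[:16], "k_aut": ks[16:32], "msk": ks[32:96], "emsk": ks[96:]}

if __name__ == "__main__":   # constructed sample input, not a real identity or AKA vector
    print({k: v.hex() for k, v in eap_aka_derive_keys(b"0@example.test", bytes(16), bytes(range(16))).items()})
```

The known-answer vectors in the appendices of RFC 4186 can be run through fips186_2_prf to confirm an implementation before wiring it into a crypto backend.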
