WiMAX / LTE EPS-AKA Key Generation

Peter Lambrechtsen peter at crypt.nz
Sun Oct 4 20:02:04 CEST 2020


This sounds a lot like EAP-AKA or EAP-AKA Prime and I thought there was
work underway for it to be included in v4.
I’m fairly sure the SQN is supposed to be incremented and you can either
store it back in your simdb or in a separate cache when I was interpreting
how our HLR worked.

I would say putting effort into getting it working in v4 as part of
eap-aka / aka’ is more worthwhile than back porting it to v3.

On Mon, 5 Oct 2020 at 04:39, Benjamin Thompson <b.thompson at latera.ru> wrote:

> On Sat, 3 Oct 2020 at 02:55, Alan DeKok <aland at deployingradius.com> wrote:
>
> > On Oct 2, 2020, at 4:47 PM, Benjamin Thompson <b.thompson at latera.ru> wrote:
> > > I am writing to ask whether anyone has any advice or scripts etc. to
> > > generate the Authentication Vector (AUTN, RAND, XRES, and KASME) for LTE
> > > authentication.
> >
> >   As with most 3G specs, they're fairly complex.  And not easy to
> > understand.
> >
> >   It's probably fairly easy to update the WiMAX dictionaries with the
> > latest WiMAX attributes.
> >
> >   My $0.02 would be to put the relevant calculations into rlm_wimax.  Once
> > you understand the specs, the code shouldn't be *too* bad.
> >
> >   We're happy to help answer questions about FreeRADIUS.  But I can't
> > promise to spend days reading through 3G specs.  If you can supply patches,
> > we're more than happy to add them to the server.
>
> Hi Alan
>
> Thanks for your advice. Regarding the WiMAX dictionary, I will create a pull
> request soon. As for the rest I have done a bit of research and come up
> with the following:
>
> Glossary
>
> IMSI = International mobile subscriber identity
> Ki = Authentication key
> AMF = Authentication management field
> OPc = Network operators key
> AK = Anonymity key
> CK = Cipher key
> IK = Integrity key
> XRES = Expected response
> ICCID = Integrated circuit card identifier
> PLMN = Public land mobile network ID (Mobile Country Code + Mobile Network
> Code)
>
> Steps required by FreeRADIUS:
>
> 1) Grab IMSI (User-Name) and PLMN (WiMAX attr 146) from Access-Request
> 2) Lookup SIM in DB by IMSI and retrieve Ki, OPc, AMF
> 3) Generate SQN (I am not sure whether this should be reset for each
> authentication or cached somewhere and incremented)
> 4) Generate a 16 byte random value and store it in RAND
> 5) Feed AMF, Ki, SQN and RAND into Milenage algorithm (f1, f2, f3, f4, f5)
> which returns AUTN, AK, CK, IK, XRES.
> 6) Generate KASME from AK, CK, IK, PLMN, SQN using the following algorithm:
>     a) Generate key k = CK || IK
>     b) Initialise a 14 byte buffer s
>     c) Assign the first byte of s as 0x10
>     d) Copy the 3 bytes of PLMN into s
>     e) Assign 5th and 6th byte as 0x00 and 0x03
>     f) Assign the next 6 bytes as SQN ⊕ AK
>     g) Assign the last two bytes as 0x00 and 0x06
>     h) Perform an HMAC-SHA256 using Key k from step 1 and s as the message.
>
> (ref. https://medium.com/uw-ictd/lte-authentication-2d0810a061ec by Sudheesh Singanamalla)
>
> 7) Return AUTN, RAND, XRES, and KASME (WiMAX attr 145 tlvs) in Access-Accept
>
> I noticed that the Milenage algorithm is implemented in
> src/lib/sim/milenage.c in v4. So if this could be cherry picked into
> /src/lib/ in v3 then as I understand it what would remain is:
>
> 1) Create a function for KASME generation. (not sure if this should go in
> rlm_wimax or e.g. lib/kasme.c)
> 2) In rlm_wimax:
>     a) Get input values from request:User-Name, request:WiMAX-146 and
> control:xxx attributes (including SQN)
>     b) Generate RAND
>     c) Call the various Milenage functions from milenage.c and store AUTN,
> RAND, XRES in the relevant WiMAX reply attributes (and in variables save
> AK, CK and IK)
>     c) Call the KASME generation function and save the result into the
> WiMAX reply attribute
>
> -
>
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

