This sounds a lot like EAP-AKA or EAP-AKA Prime and I thought there was work underway for it to be included in v4. I’m fairly sure the SQN is supposed to be incremented and you can either store it back in your simdb or in a separate cache when I was interpreting how our HLR worked. I would say putting effort into getting it working in v4 as part of a rap-aka / aka’ is more worthwhile than back porting it to v3. On Mon, 5 Oct 2020 at 04:39, Benjamin Thompson <b.thompson@latera.ru> wrote:
On Sat, 3 Oct 2020 at 02:55, Alan DeKok <aland@deployingradius.com> wrote:
On Oct 2, 2020, at 4:47 PM, Benjamin Thompson <b.thompson@latera.ru>
wrote:
I am writing to ask whether anyone has any advice or scripts etc. to
generate the Authentication Vector (AUTN, RAND, XRES, and KASME) for LTE
authentication.
As with most 3G specs, they're fairly complex. And not easy to
understand.
It's probably fairly easy to update the WiMAX dictionaries with the
latest WiMAX attributes.
My $0.02 would be to put the relevant calculations into rlm_wimax. Once
you understand the specs, the code shouldn't be *too* bad.
We're happy to help answer questions about FreeRADIUS. But I can't
promise to spend days reading through 3G specs. If you can supply patches,
we're more than happy to add them to the server.
Hi Alan
Thanks for your advice. Regarding the WiMAX dictionary will create a pull
request soon. As for the rest I have done a bit of research and come up
with the following:
Glossary
IMSI = International mobile subscriber identity
Ki = Authentication key
AMF = Authentication management field
OPc = Network operators key
AK = Anonymity key
CK = Cipher key
IK = Integrity key
XRES = Expected response
ICCID = Integrated circuit card identifier
PLMN = Public land mobile network ID (Mobile Country Code + Mobile Network
Code)
Steps required by FreeRADIUS:
1) Grab IMSI (User-Name) and PLMN (WiMAX attr 146) from Access-Request
2) Lookup SIM in DB by IMSI and retrieve Ki, OPc, AMF
3) Generate SQN (I am not sure whether this should be reset for each
authentication or cached somewhere and incremented)
4) Generate a 16 byte random value and store it in RAND
5) Feed AMF, Ki, SQN and RAND into Milenage algorithm (f1, f2, f3, f4, f5)
which returns AUTN, AK, CK, IK, XRES.
6) Generate KASME from AK, CK, IK, PLMN, SQN using the following algorithm:
a) Generate key k = CK || IK
b) Initialise a 14 byte buffer s
c) Assign the first byte of s as 0x10
d) Copy the 3 bytes of PLMN into s
e) Assign 5th and 6th byte as 0x00 and 0x03
f) Assign the next 6 bytes as SQN ⊕ AK
g) Assign the last two bytes as 0x00 and 0x06
h) Perform an HMAC-SHA256 using Key k from step 1 and s as the message.
(ref. https://medium.com/uw-ictd/lte-authentication-2d0810a061ecSudheesh
Singanamalla
< https://medium.com/@sudheeshsinganamalla?source=post_page-----2d0810a061ec--...
Sudheesh
Singanamalla
< https://medium.com/@sudheeshsinganamalla?source=post_page-----2d0810a061ec--...
)
7) Return AUTN, RAND, XRES, and KASME (WiMAX attr 145 tlvs) in Access-Accept
I noticed that the Milenage algorithm is implemented in
src/lib/sim/milenage.c in v4. So if this could be cherry picked into
/src/lib/ in v3 then as I understand it what would remain is:
1) Create a function for KASME generation. (not sure if this should go in
rlm_wimax or e.g lib/kasme.c)
2) In rlm_wimax:
a) Get input values from request:User-Name, request:WiMAX-146 and
control:xxx attributes (including SQN)
b) Generate RAND
c) Call the various Milenage functions from milenage.c and store AUTN,
RAND, XRES in the relevant WiMAX reply attributes (and in variables save
AK, CK and IK)
c) Call the KASME generation function and save the result in to the
WiMAX reply attribute
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html