On Sat, 3 Oct 2020 at 02:55, Alan DeKok <aland@deployingradius.com> wrote:
On Oct 2, 2020, at 4:47 PM, Benjamin Thompson <b.thompson@latera.ru> wrote:
I am writing to ask whether anyone has any advice or scripts etc. to generate the Authentication Vector (AUTN, RAND, XRES, and KASME) for LTE authentication.
As with most 3G specs, they're fairly complex. And not easy to understand.
It's probably fairly easy to update the WiMAX dictionaries with the latest WiMAX attributes.
My $0.02 would be to put the relevant calculations into rlm_wimax. Once you understand the specs, the code shouldn't be *too* bad.
We're happy to help answer questions about FreeRADIUS. But I can't promise to spend days reading through 3G specs. If you can supply patches, we're more than happy to add them to the server.
Hi Alan Thanks for your advice. Regarding the WiMAX dictionary will create a pull request soon. As for the rest I have done a bit of research and come up with the following: Glossary IMSI = International mobile subscriber identity Ki = Authentication key AMF = Authentication management field OPc = Network operators key AK = Anonymity key CK = Cipher key IK = Integrity key XRES = Expected response ICCID = Integrated circuit card identifier PLMN = Public land mobile network ID (Mobile Country Code + Mobile Network Code) Steps required by FreeRADIUS: 1) Grab IMSI (User-Name) and PLMN (WiMAX attr 146) from Access-Request 2) Lookup SIM in DB by IMSI and retrieve Ki, OPc, AMF 3) Generate SQN (I am not sure whether this should be reset for each authentication or cached somewhere and incremented) 4) Generate a 16 byte random value and store it in RAND 5) Feed AMF, Ki, SQN and RAND into Milenage algorithm (f1, f2, f3, f4, f5) which returns AUTN, AK, CK, IK, XRES. 6) Generate KASME from AK, CK, IK, PLMN, SQN using the following algorithm: a) Generate key k = CK || IK b) Initialise a 14 byte buffer s c) Assign the first byte of s as 0x10 d) Copy the 3 bytes of PLMN into s e) Assign 5th and 6th byte as 0x00 and 0x03 f) Assign the next 6 bytes as SQN ⊕ AK g) Assign the last two bytes as 0x00 and 0x06 h) Perform an HMAC-SHA256 using Key k from step 1 and s as the message. (ref. https://medium.com/uw-ictd/lte-authentication-2d0810a061ecSudheesh Singanamalla <https://medium.com/@sudheeshsinganamalla?source=post_page-----2d0810a061ec-------------------------------->Sudheesh Singanamalla <https://medium.com/@sudheeshsinganamalla?source=post_page-----2d0810a061ec--------------------------------> ) 7) Return AUTN, RAND, XRES, and KASME (WiMAX attr 145 tlvs) in Access-Accept I noticed that the Milenage algorithm is implemented in src/lib/sim/milenage.c in v4. So if this could be cherry picked into /src/lib/ in v3 then as I understand it what would remain is: 1) Create a function for KASME generation. (not sure if this should go in rlm_wimax or e.g lib/kasme.c) 2) In rlm_wimax: a) Get input values from request:User-Name, request:WiMAX-146 and control:xxx attributes (including SQN) b) Generate RAND c) Call the various Milenage functions from milenage.c and store AUTN, RAND, XRES in the relevant WiMAX reply attributes (and in variables save AK, CK and IK) c) Call the KASME generation function and save the result in to the WiMAX reply attribute