4 Mar
2016
4 Mar
'16
2:59 p.m.
The people who use EAP-SIM are typically Telcos who buy SIM cards directly from the manufacturers, and who therefore can control the keys.
As a third-party person trying to authenticate random SIM cards... it's impossible.
Ok. Makes sense. So EAP-SIM is a niche market. The majority of users who are not Telcos are not doing it..
Now that I think about it, the other option is through SS7. If you're big enough to get SS7 access, then you could actually query for auth tuples on-demand. Cheers, Sylvain