moving ahead with eap-sim under 3.0.11

Michael Martinez mwtzzz at gmail.com
Fri Mar 4 16:09:24 CET 2016


I've done some research and now I understand how eap-sim works: in
theory the server generates a random number (RAND) and gives this to
the client. The client uses it along with some secret key Ki to
generate response values RES and Kc. It gives these back to the
server. If the server also knows what Ki is, then it can generate
those response values itself and check to make sure they match. But in
practice the only two places where Ki is known is on the SIM card and
the mobile network operator. The mobile network operator will probably
never give out those values (and if they did it would probably be a
bureaucratic nightmare to get them). So the next best thing is the
following workaround: obtain a SIM card reader and some reader
software, feed some different RAND numbers to it to get the RES and Kc
values and hard code these into the Radius server. The radius server
will then know what the expected RES and Kc values are for said RANDs.
The drawback is that it is not truly randomizing the numbers,it's
picking from a small set of hardcoded values every time. But it's the
only thing we can do. That's my understanding to this point; hopefully
I am understanding correctly.

Here's where I'm stuck. It appears there is a scarcity of SIM card
readers. I found one at my local electronics store: a Sunpak 72-in-1
high speed card reader - a $10 piece of junk (i guess USB 2.0 is "high
speed" to these folks) that not only fails to read any sort of card I
put into it, but also rather consistently locks up both my Window 8
laptop and my Windows 7 PC.

Online doesn't look any better. There's a couple cheap SIM card
readers in the $5 range. Of course I have doubts about these. So my
first question is: can anyone recommend a reliable, quality Sim
reader?

-- 
---
Michael Martinez
http://www.michael--martinez.com


More information about the Freeradius-Users mailing list