moving ahead with eap-sim under 3.0.11
Alan DeKok
aland at deployingradius.com
Fri Mar 4 19:48:10 CET 2016
On Mar 4, 2016, at 12:22 PM, Michael Martinez <mwtzzz at gmail.com> wrote:
> I have made progress with the Sunpak card reader. I couldn't get it to
> work at all under Windows 8, but was able to get it to work with an
> iphone SIM card by downloading 'SIM-Manager" software from Depak which
> includes drivers. I guess these are the correct drivers because it was
> able to recognize and read the card. Then i downloaded agsm software
> from here: http://agsm.sourceforge.net/download.html Under the "Misc"
> tab there is a button for generating a random number, and then it
> queries the card for the SRES and Kc values.
>
> so, next step is to hard code these values into Radius.
Trying to authenticate third-party SIM cards is a hack. It will always be a hack. You MUST have the SIM keys in order to do proper, secure, authentication.
Sure, you can try the SIM with some random numbers, and record the responses. But you need to do this for ALL POSSIBLE random numbers and response. Or, you will end up re-using the random numbers... and an attacker can re-use them, too.
At this point, I have to say that hacking SIM cards is not a subject for this list. If you have questions or comments about FreeRADIUS and it's use of EAP-SIM, that's fine. But a history of what software you use to poke at the SIM cards is just not useful. Worse, it's misleading. People will search the net, find this discussion, and then ask questions about how they can do it, too.
You just cannot have FreeRADIUS authenticate random third-party SIM cards. You MUST have the SIM keys. If the SIM card provider won't give you the SIM keys, then what you want to do is *IMPOSSIBLE*.
Stop trying. It's a waste of time.
Alan DeKok.
More information about the Freeradius-Users
mailing list