EAP-SIM Testing Fails

Alan DeKok aland at deployingradius.com
Thu Mar 22 23:19:49 CET 2018

On Mar 22, 2018, at 4:58 PM, François Vergès <misterpaco21 at gmail.com> wrote:
> I have setup freeradius in my lab environment to authenticate an Android
> cell phone using EAP-SIM and a SIM card.
> Performing a packet capture over the Wi-Fi, I was able to realize that the
> phone receive the EAP-SIM challenge request but doesn't reply with a
> EAP-SIM Challenge response. Instead, it replies with a EAP-SIM Client-Error
> (0). I can also see the RAND values in the EAP-SIM Challenge Request packet.
> I have used this script to generate the triplets (RAND, SRES and KC) using
> the Ki number of the SIM card:
> https://github.com/skelsec/COMP128/blob/master/COMP128.py

  Hmm...  use 3.0.16, and set EAP-SIM-Ki.  The server will create the triplets automatically:

# 'users' file

1901700000020240 at wlan.mnc070.mcc901.3gppnetwork.org  EAP-SIM-Ki := 0xabcdef0123...

# 'users' file

  Alan DeKok.

More information about the Freeradius-Users mailing list