On Tue, Mar 01, 2022 at 11:16:50AM -0800, Mychaela Falconia wrote:
> mode. I reason that these "modern" SIMs
> must be using Milenage in
> their native 3G/4G mode, thus their secret key material is not classic
> Ki, but K/Ki (128 bits) plus OPc (another 128 bits), for a total of
> 256 bits of secret key material.
> What happens when these "modern" SIMs are accessed via GSM 11.11 SIM
> protocol, or when 2G authentication is requested in a USIM session?
Networks and user equipment capable of UTRAN, a.k.a. R99+ ("release 99"), do use
full Milenage AKA even on 2G networks. For pre-R99 MS on a UTRAN-capable
network, the HLR and USIM may use the 3G key material as basis to generate
shorter authentication tokens -- this is not seen in practice at all these
days. It is reasonable to expect full Milenage Authentication and Key Agreement
everywhere.
Figure 18 in 3GPP 33.102 section 6.8.1.1 shows all of this in detail. I had
this chart on the wall when implementing UMTS AKA in osmo-hlr and osmo-msc.
~N
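Added example (not part of the thread above, and not osmo-hlr/osmo-msc code): the "shorter authentication tokens" the reply refers to are the conversion functions c1..c3 of 3GPP TS 33.102 Annex C, by which an HLR/AuC turns a Milenage AKA vector (RAND, XRES, CK, IK) into a GSM triplet (RAND, SRES, Kc) for a pre-R99 MS or VLR, plus c4/c5 for the reverse case (a 2G-only SIM on a UTRAN network). All key and challenge values below are constructed for illustration and are not real SIM key material.

```python
"""
UMTS AKA vector <-> GSM triplet conversion per 3GPP TS 33.102 Annex C.
Added example, not taken from the mailing-list thread or from the osmocom
code base. Sample values in __main__ are constructed, not real AKA output.
"""


def _xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def c1_rand(rand_umts: bytes) -> bytes:
    """c1: RAND[GSM] = RAND[UMTS]; the 128-bit challenge is reused unchanged."""
    if len(rand_umts) != 16:
        raise ValueError("UMTS RAND must be 16 bytes")
    return rand_umts


def c2_sres(xres: bytes) -> bytes:
    """c2: SRES[GSM] = XRES*1 ^ XRES*2 ^ XRES*3 ^ XRES*4.

    XRES may be 32..128 bits; XRES* is XRES zero-padded to 128 bits and
    split into four 32-bit words, which are XORed into a 32-bit SRES."""
    if not 4 <= len(xres) <= 16:
        raise ValueError("XRES must be 4..16 bytes (32..128 bits)")
    xres_star = xres + bytes(16 - len(xres))
    words = [xres_star[i:i + 4] for i in range(0, 16, 4)]
    sres = words[0]
    for w in words[1:]:
        sres = _xor(sres, w)
    return sres


def c3_kc(ck: bytes, ik: bytes) -> bytes:
    """c3: Kc[GSM] = CK1 ^ CK2 ^ IK1 ^ IK2, each a 64-bit half of CK / IK.

    256 bits of 3G session key material collapse into a 64-bit Kc."""
    if len(ck) != 16 or len(ik) != 16:
        raise ValueError("CK and IK must be 16 bytes each")
    return _xor(_xor(ck[:8], ck[8:]), _xor(ik[:8], ik[8:]))


def c4_ck(kc: bytes) -> bytes:
    """c4: CK[UMTS] = Kc || Kc (128-bit key with only 64 bits of entropy)."""
    if len(kc) != 8:
        raise ValueError("Kc must be 8 bytes")
    return kc + kc


def c5_ik(kc: bytes) -> bytes:
    """c5: IK[UMTS] = (Kc1 ^ Kc2) || Kc || (Kc1 ^ Kc2), Kc1/Kc2 the 32-bit halves."""
    if len(kc) != 8:
        raise ValueError("Kc must be 8 bytes")
    half = _xor(kc[:4], kc[4:])
    return half + kc + half


def gsm_triplet_from_umts_vector(rand: bytes, xres: bytes, ck: bytes, ik: bytes):
    """What an R99+ HLR/AuC hands to a 2G-only VLR: (RAND, SRES, Kc)."""
    return c1_rand(rand), c2_sres(xres), c3_kc(ck, ik)


def umts_keys_from_kc(kc: bytes):
    """What a UTRAN network derives for a 2G-only SIM: (CK, IK) from Kc."""
    return c4_ck(kc), c5_ik(kc)


if __name__ == "__main__":
    # Constructed sample vector; chosen so the XORs are easy to follow by hand.
    RAND = bytes(range(16))
    XRES = bytes([1, 2, 3, 4, 5, 6, 7, 8])          # 64-bit XRES, zero-padded by c2
    CK = b"\x11" * 8 + b"\x22" * 8
    IK = b"\x44" * 8 + b"\x88" * 8
    rand, sres, kc = gsm_triplet_from_umts_vector(RAND, XRES, CK, IK)
    print("SRES", sres.hex(), "Kc", kc.hex())
    ck2, ik2 = umts_keys_from_kc(kc)
    print("CK'", ck2.hex(), "IK'", ik2.hex())
```

The point for anyone running a core network: once c3 has been applied, the confidentiality of that session rests on a 64-bit Kc and the 2G cipher, regardless of the 256 bits of K/OPc on the card; and c4/c5 do not add entropy in the other direction, so a 2G-only SIM on UTRAN gets 128-bit CK/IK that are a function of 64 bits. That is why the reply recommends expecting, and configuring for, full Milenage AKA end to end.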