Hi,
I just saw Karsten Nohl's talk at 28C3 and asked myself whether it would be possible to trigger a new session key (Kc) after every event, e.g. call, SMS, USSD and silent SMS :), for the next event.
I mean, it seems that e.g. in the O2 network in Germany the key never changes, only when turning the phone off and on, and after many events.
For O2 it may be enough to reconnect to the network? I really would like to get a somewhat secure GSM connection for my anchor mobile at home (remotely controlled from the PC) for my nationwide homezone (BWHZ), using osmocombb. :)
Does anyone have a suggestion or idea?
Thanks
Tim
On Sat, 11 Feb 2012, Sylvain Munaut wrote:
Does anyone have a suggestion or idea?
Transmit '7' as the key sequence number. This tells the network there is no valid Kc in the SIM, so the network will issue a new AUTH REQ to get a new Kc.
ok, perfect, thanks. If nobody has implemented something like that, I will try that next week.
But maybe somebody (maybe you :)) is deep enough in the code to easily find the place to put that in?
Cheers
Tim
But maybe somebody (maybe you :)) is deep enough in the code to easily find the place to put that in?
This is more Andreas' area of expertise.
However, a quick grep on "key_seq" would get you started.
I guess you'd need:
- Add a vty option for it
- Add a 'subscr_get_key_seq' helper that either returns the real one or forces 7 if the privacy option is set
- Replace direct subscr->key_seq access by this helper in each of the 3 possible initial messages: gsm48_mm_tx_loc_upd_req, gsm48_mm_tx_cm_serv_req, gsm48_rr_dl_est (in the paging response creation)
Cheers,
Sylvain
On Sat, 11 Feb 2012, Sylvain Munaut wrote:
Hi Sylvain,
I guess you'd need:
- Add a vty option for it
- Add a 'subscr_get_key_seq' helper that either returns the real one
or force 7 if the privacy option is set
- Replace direct subscr->key_seq access by this helper in each of the
3 possible initial messages : gsm48_mm_tx_loc_upd_req, gsm48_mm_tx_cm_serv_req, gsm48_rr_dl_est (in the paging response creation)
wow, thank you so much for directing me.
I made the attached patch. For USSD it is really working. I didn't test more. So if you would be so kind, could you check if every event is covered now (especially things like silent SMS; I don't know how to test that)?
And if so, would you commit the patch in the git?
Cheers and thanks
Tim
Hi,
I made the attached patch. For USSD it is really working. I didn't test more. So if you would be so kind, could you check if every event is covered now (especially things like silent SMS; I don't know how to test that)?
Silent SMS are just like normal SMS ...
And if so, would you commit the patch in the git?
Please make sure you indent everything with TABs.
Once you fix that and resend I think it'll be OK. But I'll let Andreas look at it and commit it since it's his own code.
Cheers,
Sylvain
Oh, I also just noticed : you should probably declare
int subscr_get_key_seq(struct osmocom_ms *ms, struct gsm_subscriber *subscr);
somewhere in a .h ...
Cheers,
Sylvain
On Sun, 12 Feb 2012, Sylvain Munaut wrote:
Hi Sylvain,
Silent SMS are just like normal SMS ...
ok, SMS is working, just checked.
Please make sure you indent everything with TABs.
Once you fix that and resend I think it'll be OK. But I'll let Andreas look at it and commit it since it's his own code.
Oh, I also just noticed: you should probably declare int subscr_get_key_seq(struct osmocom_ms *ms, struct gsm_subscriber *subscr); somewhere in a .h ...
I hope it's OK now.
Tim
Hi,
Actually, I have a couple more points:
* why declare it in networks.h? There is a subscriber.h which seems more appropriate
* I would actually call it gsm_subscr_get_key_seq; it seems to be the convention of that file for exported functions
* The convention for vty commands uses '-' instead of '_', so call it "force-key" rather than "force_key"
* Actually maybe call it "force-rekey" everywhere (vty, variable name, ...) since this seems more descriptive (you don't force the key, you force the negotiation of a new key)
@Andreas: Do you see anything else ?
Cheers,
Sylvain
On Sun, 12 Feb 2012, Sylvain Munaut wrote:
Hi Sylvain,
Actually, I have a couple more points:
- why declare it in networks.h? There is a subscriber.h which seems
more appropriate
- I would actually call it gsm_subscr_get_key_seq; it seems to be
the convention of that file for exported functions
- The convention for vty commands uses '-' instead of '_', so call it
"force-key" rather than "force_key"
- Actually maybe call it "force-rekey" everywhere (vty, variable name,
...) since this seems more descriptive (you don't force the key, you force the negotiation of a new key)
OK, I hope it's correct and conventional now.
Cheers
Tim
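As an added illustration of the mechanism discussed in this thread (the helper that reports CKSN 7 when "force-rekey" is set, and why that makes the network run authentication again), here is a small C model. This is not code from the thread's patch or from osmocombb: the struct layouts, the settings.force_rekey field and the network-side decision model are simplified assumptions, and only the CKSN value 7 ("no key available", GSM 04.08 / 3GPP TS 24.008 10.5.1.2) and the function name gsm_subscr_get_key_seq come from the discussion.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* CKSN value 7 means "no key is available" (GSM 04.08 / 3GPP TS 24.008, 10.5.1.2). */
#define GSM_KEY_SEQ_INVAL 7

/* Hypothetical, simplified stand-ins for the osmocombb structs (assumption). */
struct gsm_subscriber {
	uint8_t key_seq;	/* CKSN stored on the SIM next to Kc */
};

struct osmocom_ms {
	struct {
		bool force_rekey;	/* the "force-rekey" vty option (assumed field name) */
	} settings;
	struct gsm_subscriber subscr;
};

/* The helper suggested in the thread: report the real CKSN, or 7 when the user
 * asked for forced re-keying, so that the network runs authentication again. */
int gsm_subscr_get_key_seq(struct osmocom_ms *ms, struct gsm_subscriber *subscr)
{
	if (ms->settings.force_rekey)
		return GSM_KEY_SEQ_INVAL;
	return subscr->key_seq & 0x07;	/* CKSN is a 3-bit field */
}

/* Network-side model (assumption): authentication is run when the MS reports
 * CKSN 7 or a CKSN that does not match the one the network holds for it. */
bool network_needs_auth(uint8_t net_cksn, uint8_t ms_cksn)
{
	return ms_cksn == GSM_KEY_SEQ_INVAL || ms_cksn != net_cksn;
}

/* Simulate n_events initial MM messages (location update, CM service request,
 * paging response) and count how often a fresh Kc is negotiated. */
int simulate_events(bool force_rekey, int n_events)
{
	struct osmocom_ms ms = {
		.settings = { .force_rekey = force_rekey },
		.subscr = { .key_seq = GSM_KEY_SEQ_INVAL },	/* constructed: fresh SIM, no Kc yet */
	};
	uint8_t net_cksn = 0;	/* constructed: network's current CKSN for this subscriber */
	int auth_runs = 0;

	for (int i = 0; i < n_events; i++) {
		uint8_t cksn = (uint8_t)gsm_subscr_get_key_seq(&ms, &ms.subscr);
		if (network_needs_auth(net_cksn, cksn)) {
			/* AUTH REQ / AUTH RESP: a new Kc is derived and tagged with the next CKSN 0..6 */
			auth_runs++;
			net_cksn = (uint8_t)((net_cksn + 1) % GSM_KEY_SEQ_INVAL);
			ms.subscr.key_seq = net_cksn;	/* SIM stores the new CKSN with the new Kc */
		}
	}
	return auth_runs;
}

int main(void)
{
	printf("without force-rekey: %d authentication runs in 5 events\n", simulate_events(false, 5));
	printf("with force-rekey:    %d authentication runs in 5 events\n", simulate_events(true, 5));
	return 0;
}
```

Without the option the network authenticates once (the fresh SIM reports 7) and then reuses the stored Kc for every later event, which is the behaviour Tim observed; with the option every initial message carries CKSN 7 and so triggers a new AUTH REQ and a new Kc.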
baseband-devel@lists.osmocom.org