On Tue, Nov 27, 2012 at 01:48:12PM +0100, Yann R. Moupinda wrote:
Hi,
But only accepting weak keyes is not logical.
All RAND values included in the eap request/sim/challenge message contain lowercase HEX characters.
you will need to reduce the issue but I don't think it is the RAND. Use osmo-auc-gen to generate the RAND, Sres and Kc and run the gsm algorithm and compare the result.
The second half is done in the following script: #!/usr/bin/env python from pySim.transport.serial import SerialSimLink from pySim.commands import SimCardCommands from pySim.transport.pcsc import PcscSimLink from pySim.utils import swap_nibbles
#sl = SerialSimLink(device='/dev/ttyUSB0', baudrate=9600) sl = PcscSimLink(0) #opts.pcsc_dev) sc = SimCardCommands(sl)
sl.wait_for_card()
# Print IMSI print sc.read_binary(['3f00', '7f20', '6f07']) (res,_) = sc.read_binary(['3f00', '7f20', '6f07']) print swap_nibbles(res)[3:]
# The RAND as printed by osmo-auc-gen (res, _) = sc.run_gsm('58 f7 46 05 c9 da a9 2b 15 e7 db 7e fd 53 02 3a'.replace(' ', ''))
# SRES and Kc concatinated print res == ('29 fd 55 45 d5 ab 99 85 56 13 b4 00'.replace(' ', ''))
I think the above RAND matches your classification for 'strong', it is returns the expected result. Make sure that you are using the right A3A8 algorithm in your setup, I don't think it has anything to do with the RAND.
holger