Re: Authentication and Encryption

Hello Harald, On Sun, 12 Jul 2009 16:02:11 +0200, "Harald Welte" <laforge(a)gnumonks.org> wrote: To implement it in a clean way in my opinion requires some discussion about how to do it so that it fits into the architecture: - When do the authentication, most certainly during the first Loacation Update, but when else ? - Where to store the subscriber Ki for authentication and the information about which algorithm is used ? Also store for each subscriber if authentication and/or encryption should to be used. - Where to cache Kc, its not necessary to authenticate every time when encryption for a channel is turned on. Kc from a previous authentication can be used several times. - Where to turn on encryption, every time a channel is allocated ? Those are just a few thoughts. I guess discussion about the details probably takes longer than if you or Holger implement it during your ongoing work on OpenBSC. Currently you both are the main people working on OpenBSC at several places of the implementation and a clean integration of authentication and encryption affects a lot of those places too. I am reluctant to interfere here, not because of the time it takes (its not that much) but because any changes should fit to what you plan to do. If anyone want to see the technical details, I can provide them, its rather simple and straightforward. Best regards, Dieter -- Dieter Spaar, Germany spaar(a)mirider.augusta.de