Hi!
Today I spent some time investigating the cheap 16-in-1 SIM cards on which
we can set our own Ki. This means that those cards can be used for
cryptographic authentication with OpenBSC. Finally, we will have not only
IMSI-based identification, but actual authentication!
I've created a page in the Wiki about those cards:
http://openbsc.gnumonks.org/trac/wiki/MagicSIM
Using this information, I could send the RUN GSM ALGORITHM APDU to the card and
retrieve SRES + Kc. The result matched what I can also obtain using the
COMP128v1 code from
http://www.scard.org/gsm/a3a8.txt
I will add COMP128v1 support to OpenBSC as soon as I have tested actual
authentication using this 16-in-1 SIM card.
By the way: It would really be great if somebody could hack up a small command
line program that can be used to program the Operator Name, Ki, ICCID, IMSI and
preferred PLMN into the 16-in-1 SIM.
Regards,
Harald
--
- Harald Welte <laforge(a)gnumonks.org>
http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)
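
The RUN GSM ALGORITHM exchange mentioned in the message, as an added example that is not part of the original post or of OpenBSC: it builds the GSM 11.11 APDUs, splits the 12-byte response into SRES and Kc, and compares SRES with the value the network side expects. The `transmit` callback and the `FakeCard` class with its SRES/Kc bytes are constructed stand-ins so the code runs without a reader.

```python
import hmac

CLA_GSM, INS_RUN_GSM_ALGORITHM, INS_GET_RESPONSE = 0xA0, 0x88, 0xC0

def run_gsm_algorithm_apdu(rand: bytes) -> bytes:
    """A0 88 00 00 10 || RAND; DF_GSM must already be selected on the card."""
    if len(rand) != 16:
        raise ValueError("RAND must be 16 bytes")
    return bytes([CLA_GSM, INS_RUN_GSM_ALGORITHM, 0x00, 0x00, 0x10]) + rand

def get_response_apdu(length: int) -> bytes:
    return bytes([CLA_GSM, INS_GET_RESPONSE, 0x00, 0x00, length])

def parse_auth_response(resp: bytes):
    """Split the GET RESPONSE data into SRES (4 bytes) and Kc (8 bytes)."""
    data, sw = resp[:-2], resp[-2:]
    if sw != b"\x90\x00" or len(data) != 12:
        raise ValueError("unexpected response: " + resp.hex())
    return data[:4], data[4:]

def authenticate(transmit, rand: bytes, expected_sres: bytes):
    """transmit(apdu) -> response bytes is a hypothetical reader callback."""
    sw = transmit(run_gsm_algorithm_apdu(rand))
    if sw != b"\x9f\x0c":  # T=0 status: 12 response bytes are waiting
        raise RuntimeError("RUN GSM ALGORITHM failed: " + sw.hex())
    sres, kc = parse_auth_response(transmit(get_response_apdu(0x0C)))
    # Constant-time comparison against the SRES the network computed from Ki.
    return hmac.compare_digest(sres, expected_sres), kc

class FakeCard:
    """Constructed stand-in for a reader; SRES/Kc are made up, not COMP128 output."""
    SRES, KC = bytes.fromhex("11223344"), bytes.fromhex("a1a2a3a4a5a6a7a8")
    def __init__(self):
        self.seen = []
    def transmit(self, apdu: bytes) -> bytes:
        self.seen.append(apdu)
        if apdu[1] == INS_RUN_GSM_ALGORITHM:
            return b"\x9f\x0c"
        return self.SRES + self.KC + b"\x90\x00"

if __name__ == "__main__":
    card = FakeCard()
    ok, kc = authenticate(card.transmit, bytes(range(16)), FakeCard.SRES)
    print("authenticated:", ok, "Kc:", kc.hex())
```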