Hello everybody,
I'm trying to make a testbed for EAP-SIM with freeradius to authenticate on a WLAN network. it works well thanks to the patch provided by seek-for-android : you can see the details here : http://code.google.com/p/seek-for-android/wiki/EapSimAka but you need to store IMSI, RAND, SRES, KC in a flat file as by default, we don't have the Ki of SIM cards and don't have a HLR so we need to precalculate these values.
For our testbed, we're using some MagicSIM we've programmed with our own Ki. So I wonder if anybody has already done some integration of freeradius with openbsc HLR to do EAP-SIM ?
Or is there a tool to calculate the triplets (RAND, SRES, KC) with input the IMSI (and Ki stored in the database) ? If not, could someone points me where to start to write my own tool ? I don't think pysim can do it...
I found an entry about A3/A8 authentication here http://openbsc.osmocom.org/trac/changeset/3606cc576502b95d4973fac2af76d1b9bd... int get_authtuple_by_subscr(struct gsm_auth_tuple *atuple, struct gsm_subscriber *subscr) ...but I want to calculate gsm_auth_tuple, not retreive it from the database...
Thanks for any information :)
Hi Thus0,
On Thu, Aug 02, 2012 at 08:57:15AM +0200, Thus0 Petrus wrote:
I'm trying to make a testbed for EAP-SIM with freeradius to authenticate on a WLAN network. it works well thanks to the patch provided by seek-for-android : you can see the details here : http://code.google.com/p/seek-for-android/wiki/EapSimAka but you need to store IMSI, RAND, SRES, KC in a flat file as by default, we don't have the Ki of SIM cards and don't have a HLR so we need to precalculate these values.
I see. But then, why is that a problem or an insufficient solution?
Without the Ki, you _need_ to use precomputed values, there's no other chance.
For our testbed, we're using some MagicSIM we've programmed with our own Ki. So I wonder if anybody has already done some integration of freeradius with openbsc HLR to do EAP-SIM ?
The OpenBSC "HLR" is an integral part of OsmoNITB itself. At the moment, we don't have any interfaces by which external applications can query it. Separating it out from OsmoNITB is on the TODO list for some time now, but it hasn't happened yet.
Or is there a tool to calculate the triplets (RAND, SRES, KC) with input the IMSI (and Ki stored in the database) ?
Please check osmo-auc-gen from the tools subdirectory of libosmocore. It uses the authentication framework of libosmocore and user-provided Ki to compute RAND,SRES and Kc.
However, it is just a stand-alone command-line program, and doesn't interface with any database.
If not, could someone points me where to start to write my own tool ? I don't think pysim can do it...
I'd suggest to base off the auth.c api of libosmocore, i.e. exactly the same functions that osmo-auc-gen utilize.
Regards, Harald
-
Harald Welte -
Thus0 Petrus