This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Harald Welte laforge at gnumonks.orgHi!
Today I spent some time investigating the cheap 16-in-1 SIM cards on which
we can set our own Ki. This means that those cards can be used for
cryptographic authentication with OpenBSC. Finally, we will have not only
IMSI-based identification, but actual authentication!
I've created a page in the Wiki about those cards:
http://openbsc.gnumonks.org/trac/wiki/MagicSIM
Using this information, I could send the RUN GSM ALGORITHM APDU to the card and
retreive SRES + Kc. The result matched what I can also obtain using the
COMP128v1 code from http://www.scard.org/gsm/a3a8.txt
I will add Comp128v1 support to OpenBSC as soon as I have tested acutal
authentication using this 16-in-1 SIM card.
By the way: It would really be great if somebody could hack up a small command
line program that can be used to program the Operator Name, Ki, ICCID, IMSI and
preferred PLMN into the 16-in-1 SIM.
Regards,
Harald
--
- Harald Welte <laforge at gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)