This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Harald Welte laforge at gnumonks.orgHi Sylvain,
On Thu, Jan 07, 2010 at 02:22:58PM +0100, Sylvain Munaut wrote:
> AFAIK, the phone only keeps the data from last authentication ( Kc & key_seq
> ).
> When you send a CIPHER MODE COMMAND, it will use the last negotiated one, no
> choice there.
of course. I meant you can keep multiple of them so you can select one of
them before doing an AUTH COMMAND
> Keeping multiple AuthTuple for a subscriber would be useless since only the
> last one has usable data. And it's even easier if we only keep one because
> this way, to find the next "key sequence", we can just take the old stored
> one and increment it ...
The idea of the AuthTuple is as follows:
* you don't know the Ki of a SIM card
* you still want to use authentication/encryption
* so you send a couple of challenges to the SIM, remember the RAND
and record the SRES + Kc that you get
now every time you want to authenticate that sim, you randomly select one of
your known AuthTuples and send the recorded RAND, compare the SRES.
--
- Harald Welte <laforge at gnumonks.org> http://laforge.gnumonks.org/
============================================================================
"Privacy in residential applications is a desirable marketing option."
(ETSI EN 300 175-7 Ch. A6)