This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Holger Freyther holger at freyther.de> On 24 Sep 2015, at 13:44, Neels Hofmeyr <nhofmeyr at sysmocom.de> wrote: > > > +This document describes the remote protocol that is used by the SGSN and MAP > +proxy to authenticate each other. The protocol and the messages are designed > +after the corresponding MAP messages (see GSM 09.02) with the following > +differences: not just remove the above but provide a short general statement about what this protocol should provide. > > +Ideal communication sequence: > + > + SGSN MAP Proxy GSM MAP is a protocol, the MAP Proxy is a system to relay these. You could also opt for more generic terms like “Client”/“Server” “Consumer”/“Provider” > +When the SGSN has received a Challenge, it may verify the server's > +authenticity, and reply with a CHALLENGE_RES message. This shall contain SRES > +(and Kc?) authentication tokens generated by milenage from the same random > +bytes received from the server and the same shared secet. If the SGSN cannot > +verify the server's authenticity, it shall instead send a CHALLENGE_ERR > +message. Okay, I just said something else to Harald but adding (and not implementing) the following. If the server key matches but the SQN is wrong an AUTS will be included by the client? No security expert here.. is it better to always include the AUTS or not? The attacker will then know the key was right.. and just needs one more try then. If using the wrong key to get the SQN.. it will always fail *shrug* So maybe omit the AUTS as we don’t handle SQN failures right now. the rest reads fine. holger