Make hostapd-0.5.8 as Authentication server
Mon Jun 18 09:34:36 PDT 2007
On Thu, Jun 14, 2007 at 07:16:36PM +0800, ?L Kinki wrote:
> If I enable hlr_auc_gw to authenticate the clients, IMSI,KC,SRES,and RAND
> should be written in hlr_auc_gw.milenage_db , or hostapd.sim_db?
Those parameters go into sim_db for EAP-SIM. Similar set of parameter
for EAP-AKA go to .milenage_db.
> Does the OPc value in hlr_auc_gw.milenage_db mean the random number?
It's encrypted version of OP (which would be a random number).
> And about the AMF, how could I get it ?
Selected by whoever defined the parameters for AKA.
> Can I get them from any messages?
> I am trying to test EAP-SIM and EAP-AKA using my code, so I don't use a
> real USIM to authenticate.
> Can I fake a AMF and a OPc ? or I must get them from a real USIM?
What components did you implement? If you are implementing EAP peer
method for EAP-SIM and EAP-AKA and in addition, the full SIM/USIM
operations for GSM and AKA authentication, then yes, you can use pretty
much any value as long as it matches with the client and server. If you
do not want to use Milenage for AKA, you could even replace hlr_auc_gw
in hostapd to provide some other parameters.
Jouni Malinen PGP id EFC895FA
More information about the Hostap