About the EAP-AKA

Jouni Malinen j
Wed Oct 12 13:47:33 PDT 2011

On Sat, Oct 08, 2011 at 10:07:32AM +0800, ??? wrote:
> The one which I tested is not a "test card". Do you mean that I should know the "IMSI Ki OPc AMF SQN" all the five parameters about the USIM card? That could be a BIG problem. Anyone know how to get these parameters?

Testing EAP-AKA with a real USIM card will likely require you to have a
test card or access to an operator authentication server. These cards
are designed to make it difficult for the private parameters to be

> Yes, the "#" is for comment purpose. If I do not add a special prefix in the EAP-AKA user name, will the authentication success? If the user name is "cisco", please give me a example for how to set the configuration file. Thanks!

You can run through EAP-AKA regardless of what identify is used in
EAP-Response/Identity, so this does not really matter in that sense.
However, the most common use cases for EAP-AKA do use a specific format
that starts with 0/2/4 prefix.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list