About the EAP-AKA
Ming-Ching Tiew
mctiew
Wed Oct 12 18:27:13 PDT 2011
--- On Wed, 10/12/11, Jouni Malinen <j at w1.fi> wrote:
>
> Testing EAP-AKA with a real USIM card will likely require
> you to have a
> test card or access to an operator authentication server.
> These cards
> are designed to make it difficult for the private
> parameters to be
> extracted..
>
In my testing I modified hlr_auc_gw to retrieve the EAP-AKA parameter in this format :-
IMSI EAP-SIM-RAND EAP-SIM-AUTN EAP-Aka-IK EAP-Aka-CK EAP-SIM-RES
I think that's the format that the operator authentication server is going to throw back. It's not going to throw back the milenage info.
Similarly for testing purposes, I also modified the eapol_test configuration file so that it could take the password string in an encoded format of the above. With the modification, both the client and server could complete a EAP-AKA authentication test.
More information about the Hostap
mailing list