About the EAP-AKA

Ming-Ching Tiew mctiew
Wed Oct 12 18:27:13 PDT 2011


--- On Wed, 10/12/11, Jouni Malinen <j at w1.fi> wrote:

> 
> Testing EAP-AKA with a real USIM card will likely require
> you to have a
> test card or access to an operator authentication server.
> These cards
> are designed to make it difficult for the private
> parameters to be
> extracted..
> 

In my testing I modified hlr_auc_gw to retrieve the EAP-AKA parameter in this format :- 

IMSI EAP-SIM-RAND EAP-SIM-AUTN EAP-Aka-IK EAP-Aka-CK EAP-SIM-RES

I think that's the format that the operator authentication server is going to throw back. It's not going to throw back the milenage info. 

Similarly for testing purposes, I also modified the eapol_test configuration file so that it could take the password string in an encoded format of the above. With the modification, both the client and server could complete a EAP-AKA authentication test.





More information about the Hostap mailing list