Hello. Thank you very much for sharing your work!
As I am looking for integration of real USIM for EAP-AKA on client side, I would like to ask if you had any success in sending the right APDUs? Best regards, Dirk -- Dirk Meul P3 communications Cell: +49 151 571 33 167 Phone: +49 241 9437 230 E-Mail: [email protected] Web: www.p3-group.com P3 communications GmbH legal disclaimer, mandatory information and the P3 office addresses can be found at http://www.p3-group.com/portfolio-item/legal-disclaimer-p3-communications-gmbh -----Ursprüngliche Nachricht----- Von: [email protected] (Dragos Vingarzan) [mailto:dragos at corenetdynamics.com (Dragos Vingarzan)] Gesendet: Montag, 30. Juni 2014 12:38 Betreff: [strongSwan-dev] New plugin for eap-aka-3gpp (Soft-AKA with Rijndael/Milenage) Hi Again, so unfortunately I had no response to my request for help to integrate this. Attached the new plugin then, do what you want with it. Of course, I hope you would integrate it, so that we could stop distributing our own tree of strongswan. Works with standard HSS/SPR/HLR backend implementing the UMTS/LTE version of AKA, so basically implementing the algorithm in the most SIM cards out there today. "Server" side not extensively tested. Cheers, -Dragos On 14.04.2014 17:22, Dragos Vingarzan wrote: > Hi guys, > > so based on your eap-aka-3gpp2 plugin, I did one that implements the > 3GPP flavor, with Rijndael/Milenage instead of SHA-1. We're doing a > bit of testing now with our HSS/SPR from OpenEPC, which works fine > against real-life USIM cards and we'd like to contribute the module. I > need a bit of help actually, as you know better how to integrate it in > your build system, so should I just attach the patch? Or? > > The work is based on 3GPP TS 35.205->208. The module also generate > triplets, besides quintuplets. 3GPP specifies a derivation of SRES/Kc > from AKA material, for example to do legacy authentication when you > have a newer and safer USIM card only in your client device. The code > is there, but I can only hope that it would also work as an eap-sim > system and someone would find it useful. > > Of course, this is a software emulation of a card plus a limited > back-end provider (we're pipe-ing in our case actually the back-end > over RADIUS to our ePDG and then Diameter AAA/HSS/AuC servers). I am > also interested in helping with a eap-simaka-pcsc module (or would you > call that eap-usim-pcsc?), but I am still struggling a bit to send the > right APDUs to the real USIM cards as to make them to do AKA. If > anyone else is interested, please let me know. > > Oh, and of course, the latest buzz - does anyone know if Android > provides a SIM-card API? I don't think that PC/SC would work, as the > (U)SIM is in the modem. There is a 3GPP TS on how to send arbitrary > commands through AT+C modem commands, but support in real modems is > not there... > > Cheers, > -Dragos > > > -- > ----------------------------------------- > Dr.-Ing. Dragos Vingarzan > Founder and Technical Lead > Core Network Dynamics UG > A German Engineering Software Company registered in Berlin > (HRB152643B) > > mobile: +49 176 48 32 16 00 > web: www.corenetdynamics.com > Offices: Prinzessinnenstr. 18/19 - betahaus, 10969 Berlin, Germany > CEO: Dipl.Ing. Berthold Butscher > ---------------------------------------------------------------------- > ----- -------------- next part -------------- A non-text attachment was scrubbed... Name: eap_aka_3gpp_plugin.tgz Type: application/x-compressed-tar Size: 24900 bytes Desc: not available URL: <http://lists.strongswan.org/pipermail/dev/attachments/20140630/7a3a92f1/attachment-0001.bin> _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
