draft-haverinen-pppext-eap-sim-05.txt
Haverinen Expires in six months [Page 11]
Internet Draft EAP SIM Authentication June 2002
ignored on reception. The AT_IV attribute MUST be included if and
only if the AT_ENCR_DATA is included. Messages that do not meet this
condition MUST be silently discarded.
The sender of the AT_IV attribute chooses the initialization vector at
random. The sender MUST NOT reuse an initialization vector value from
previous EAP SIM packets; it MUST choose a fresh value for each AT_IV
attribute. The sender SHOULD use a good source of randomness to
generate the initialization vector. The format of AT_IV is shown
below.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AT_IV | Length = 5 | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| Initialization Vector |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The value field of the AT_ENCR_DATA attribute consists of two
reserved bytes followed by bytes encrypted using the Advanced
Encryption Standard (AES) [5] in the Cipher Block Chaining (CBC)
mode of operation, using the initialization vector from the AT_IV
attribute. The reserved bytes are set to zero when sending and
ignored on reception. Please see [6] for a description of the CBC
mode. The format of the AT_ENCR_DATA attribute is shown below.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AT_ENCR_DATA | Length | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. Encrypted Data .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The derivation of the encryption key (K_encr) is specified in
Section 15.
The plaintext consists of nested EAP/SIM attributes.
8. EAP-Response/Identity
In the beginning of EAP authentication, the Authenticator issues the
EAP-Request/Identity packet to the client. The client responds with
EAP-Response/Identity, which contains the user's identity. The
formats of these packets are specified in [1].
GSM subscribers are identified with the International Mobile
Subscriber Identity (IMSI) [7]. The IMSI is composed of a three
digit Mobile Country Code (MCC), a two or three digit Mobile Network
Code (MNC) and a not more than 10 digit Mobile Subscriber
Identification Number (MSIN). In other words, the IMSI is a string
of not more than 15 digits. MCC and MNC uniquely identify the GSM
operator.
Internet AAA protocols identify users with the Network Access
Identifier (NAI) [8]. When used in a roaming environment, the NAI is
composed of a username and a realm, separated with "@"
(username@realm). The username portion identifies the subscriber
within the realm. The AAA nodes use the realm portion of the NAI to
route AAA requests to the correct AAA server. The realm name used in
this protocol MAY be chosen by the operator and it MAY be a
configurable parameter in the EAP/SIM client implementation. In this
case, the client is typically configured with the NAI realm of the
home operator. Operators MAY reserve a specific realm name for
EAP/SIM users. This convention makes it easy to recognize that the
NAI identifies a GSM subscriber. Such reserved NAI realm may be
useful as a hint as to the first authentication method to use during
method negotiation.
There are two types of NAI username portions in EAP/SIM: non-
pseudonym permanent usernames and pseudonym usernames. When the
optional IMSI privacy support is not used, the non-pseudonym
permanent username is used. The non-pseudonym permanent username is
of the format "1imsi". In other words, the first character of the
username is the digit one (ASCII value 0x31), followed by the IMSI.
The IMSI is an ASCII string that consists of not more than 15
decimal digits (ASCII values between 0x30 and 0x39) as specified in
[7].
The EAP server MAY use the leading "1" as a hint to try EAP/SIM as
the first authentication method during method negotiation, rather
than for example EAP/AKA. The EAP/SIM server MAY propose EAP/SIM
even if the leading character was not "1".
When the optional identity privacy support is used, the client MAY
use the pseudonym received as part of the previous authentication
sequence as the username portion of the NAI, as specified in Section
5. The client MUST NOT modify the pseudonym received in
AT_PSEUDONYM. For example, the client MUST NOT append any leading
characters in the pseudonym.
If no configured realm name is available, the client MAY derive the
realm name from the MCC and MNC portions of the IMSI. In this case,
the realm name is obtained by concatenating "mnc", the MNC digits of
IMSI, ".mcc", the MCC digits of IMSI and ".owlan.org". For example,
if the IMSI is 123456789098765, and the MNC is three digits long,
then the derived realm name is "mnc456.mcc123.owlan.org".
If the client is not able to determine whether the MNC is two or
three digits long, the client MAY use a 3-digit MNC. If the correct
length of the MNC is two, then the MNC used in the realm name will
include the first digit of the MSIN. Hence, when configuring AAA
networks for operators that have 2-digit MNCs, the network SHOULD
also be prepared for realm names with incorrect 3-digit MNCs.
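The username and realm rules of this section, worked through as an
added example (Python) that is not part of the draft. The IMSI
123456789098765 is the draft's own example value; the operator MCC/MNC
pairs used in the routing checks are constructed for illustration. The
"1imsi" username, the pseudonym pass-through, the leading-"1" hint and
the "mncNNN.mccNNN.owlan.org" realm follow the text; realms_accepted_by
generalises the last paragraph: an operator with a 2-digit MNC must
also recognise the ten 3-digit forms that a client guessing a 3-digit
MNC will produce, because the extra digit is the first MSIN digit and
varies per subscriber.

```python
import re

# Structural limits given in the draft: MCC is 3 digits, MNC is 2 or 3,
# MSIN at most 10, so the IMSI is at most 15 decimal digits (ASCII 0x30-0x39).
IMSI_RE = re.compile(r"^[0-9]{5,15}$")
REALM_SUFFIX = ".owlan.org"


def permanent_username(imsi):
    """Non-pseudonym permanent username: the digit '1' followed by the IMSI."""
    if not IMSI_RE.match(imsi):
        raise ValueError("IMSI must be 5..15 ASCII decimal digits")
    return "1" + imsi


def client_username(imsi, pseudonym=None):
    """Username the client puts in the NAI. A pseudonym received in
    AT_PSEUDONYM is used verbatim: no leading '1' or other character is
    prepended to it."""
    return pseudonym if pseudonym is not None else permanent_username(imsi)


def is_eap_sim_hint(username):
    """Server-side hint only: a leading '1' suggests trying EAP/SIM first.
    Its absence does not rule EAP/SIM out."""
    return username[:1] == "1"


def derive_realm(imsi, mnc_len=3):
    """Realm derived from the IMSI when no realm is configured. A client that
    cannot tell the MNC length MAY assume 3 digits (the draft's fallback)."""
    if not IMSI_RE.match(imsi):
        raise ValueError("IMSI must be 5..15 ASCII decimal digits")
    if mnc_len not in (2, 3):
        raise ValueError("MNC is 2 or 3 digits")
    mcc, mnc = imsi[:3], imsi[3:3 + mnc_len]
    return "mnc" + mnc + ".mcc" + mcc + REALM_SUFFIX


def realms_accepted_by(mcc, mnc):
    """Realm names an operator's AAA network should route to itself. For a
    2-digit MNC this also covers the ten 'incorrect' 3-digit forms a client
    produces when it guesses 3 digits and swallows the first MSIN digit."""
    accepted = {"mnc" + mnc + ".mcc" + mcc + REALM_SUFFIX}
    if len(mnc) == 2:
        for d in "0123456789":
            accepted.add("mnc" + mnc + d + ".mcc" + mcc + REALM_SUFFIX)
    return accepted


def realm_matches_operator(realm, mcc, mnc):
    """True if an incoming realm should be routed to the operator (mcc, mnc)."""
    return realm in realms_accepted_by(mcc, mnc)


def build_nai(username, realm):
    """username@realm, as used in a roaming environment."""
    return username + "@" + realm
```

A home AAA server for MCC 123 / MNC 45 therefore accepts both
"mnc45.mcc123.owlan.org" and "mnc450.mcc123.owlan.org" through
"mnc459.mcc123.owlan.org", while still rejecting a neighbouring
operator's "mnc46.mcc123.owlan.org".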
9. EAP-Request/SIM/Start
The first SIM specific EAP Request is of subtype Start. The format
of the EAP Request/SIM/Start packet is shown below.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Code | Identifier | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Subtype | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|AT_PERM..._REQ | Length = 1 | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|AT_ID..._REQ | Length = 1 | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Code
1 for Request
Identifier
See [1].
Length
The length of the EAP packet.
Type
18
Subtype
10
Reserved
Set to zero on sending, ignored on reception
AT_PERMANENT_IDENTITY_REQ
The AT_PERMANENT_IDENTITY_REQ attribute is optional and it is
included in the cases defined in Section 5. It MUST NOT be
included if AT_IDENTITY_REQ is included. The value field only
contains two reserved bytes, which are set to zero on sending and
ignored on reception.
AT_IDENTITY_REQ
The AT_IDENTITY_REQ attribute is optional and it is included in
the cases defined in Section 4. It MUST NOT be included if
AT_PERMANENT_IDENTITY_REQ is included. The value field only
contains two reserved bytes, which are set to zero on sending and
ignored on reception.
10. EAP-Response/SIM/Start
The format of the EAP Response/SIM/Start packet is shown below.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Code | Identifier | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Subtype | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|AT_NONCE_MT | Length = 5 | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| NONCE_MT |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AT_PERM... | Length | Actual Identity Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. Cleartext Identity (optional) .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AT_IDENTITY | Length | Actual Identity Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. Current Identity (optional) .
. .
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Code
2 for Response
Identifier
See [1].
Length
The length of the EAP packet.
Type
18
Subtype
10
Reserved
Set to zero when sending, ignored on reception.
AT_NONCE_MT
The AT_NONCE_MT attribute MUST be included. The value field
contains two reserved bytes followed by a random number generated
by the client (16 bytes) freshly for this EAP/SIM authentication.
The random number is used as a seed value for the new keying
material. The reserved bytes are set to zero upon sending and
ignored upon reception.
AT_PERMANENT_IDENTITY
The AT_PERMANENT_IDENTITY attribute is optional and it is
included in cases defined in Section 5. It MUST NOT be included
if AT_IDENTITY is included. The value field of this attribute
begins with 2-byte actual identity length, which specifies the
length of the identity in bytes. This field is followed by the
non-pseudonym permanent Network Access Identifier username
portion of the indicated actual length. The username format is
specified in Section 8. The username does not include any
terminating null characters. Because the length of the attribute
must be a multiple of 4 bytes, the sender pads the identity with
zero bytes when necessary.
AT_IDENTITY
The AT_IDENTITY attribute is optional and it is included in cases
defined in Section 4. It MUST NOT be included if
AT_PERMANENT_IDENTITY is included. The value field of this
attribute begins with 2-byte actual identity length, which
specifies the length of the identity in bytes. This field is
followed by the Network Access Identifier username portion of the
indicated actual length. The username format is specified in
Section 8. The username is either the non-pseudonym permanent
username or a pseudonym username. The username does not include
any terminating null characters. Because the length of the
attribute must be a multiple of 4 bytes, the sender pads the
identity with zero bytes when necessary.
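The attribute framing used throughout the draft, applied to the
EAP-Response/SIM/Start packet above and to the AT_IV / AT_ENCR_DATA
pairing rule of the previous section, as an added example (Python) that
is not the draft's or any implementation's code. The EAP header values
(Code 2, Type 18, Subtype 10) and the attribute layouts (type byte,
length in 4-byte units, 2 reserved or length bytes, 16-byte NONCE_MT,
zero padding of identities to a 4-byte boundary) are taken from the
text. The numeric attribute types are assigned in a part of the draft
not reproduced here, so the constants below are placeholders for this
example only. The encrypted payload of AT_ENCR_DATA is treated as
opaque; the AES-CBC step itself is not shown.

```python
import os
import struct

# Header values taken from the draft: Code 2 = Response, Type 18 = EAP/SIM,
# Subtype 10 = Start.
EAP_RESPONSE = 2
EAP_TYPE_SIM = 18
SUBTYPE_START = 10

# PLACEHOLDER attribute type numbers for this example; the draft's real
# assignments are in a section not reproduced on this page.
AT_NONCE_MT = 7
AT_PERMANENT_IDENTITY = 13
AT_IDENTITY = 14
AT_IV = 129
AT_ENCR_DATA = 130


def encode_attr(atype, value):
    """Frame one attribute as type (1 byte), length in 4-byte units (1 byte),
    value. 'value' starts with the attribute's own 2 reserved/length bytes,
    so the total 2 + len(value) must be a multiple of 4 and fit in 255 units."""
    total = 2 + len(value)
    if total % 4 or total > 4 * 255:
        raise ValueError("attribute length must be a multiple of 4 bytes")
    return bytes([atype, total // 4]) + value


def nonce_mt_attr(nonce):
    """AT_NONCE_MT: 2 reserved bytes + 16-byte client nonce (Length = 5)."""
    if len(nonce) != 16:
        raise ValueError("NONCE_MT must be 16 bytes")
    return encode_attr(AT_NONCE_MT, b"\x00\x00" + nonce)


def identity_attr(atype, username):
    """AT_IDENTITY / AT_PERMANENT_IDENTITY: 2-byte actual length, the NAI
    username without a terminating NUL, zero-padded to a 4-byte boundary."""
    ident = username.encode("ascii")
    pad = (-len(ident)) % 4
    return encode_attr(atype, struct.pack("!H", len(ident)) + ident + b"\x00" * pad)


def build_start_response(identifier, username, permanent):
    """Build a complete EAP-Response/SIM/Start with a freshly generated NONCE_MT."""
    atype = AT_PERMANENT_IDENTITY if permanent else AT_IDENTITY
    body = nonce_mt_attr(os.urandom(16)) + identity_attr(atype, username)
    hdr = struct.pack("!BBHBBH", EAP_RESPONSE, identifier, 8 + len(body),
                      EAP_TYPE_SIM, SUBTYPE_START, 0)
    return hdr + body


def append_attr(pkt, attr):
    """Append an attribute and fix the EAP Length field (used to construct
    malformed packets when exercising the receiver checks)."""
    return pkt[:2] + struct.pack("!H", len(pkt) + len(attr)) + pkt[4:] + attr


def parse_attrs(data):
    """Split the attribute area into (type, value) pairs; reject overruns."""
    attrs, off = [], 0
    while off < len(data):
        if len(data) - off < 2:
            raise ValueError("truncated attribute header")
        total = data[off + 1] * 4
        if total < 4 or off + total > len(data):
            raise ValueError("attribute length out of range")
        attrs.append((data[off], data[off + 2:off + total]))
        off += total
    return attrs


def parse_start_response(pkt):
    """Validate an EAP-Response/SIM/Start. Returns a dict with the nonce and
    identity, or None when the packet MUST be silently discarded."""
    if len(pkt) < 8:
        return None
    code, ident, length, etype, subtype, _ = struct.unpack("!BBHBBH", pkt[:8])
    if (code, etype, subtype) != (EAP_RESPONSE, EAP_TYPE_SIM, SUBTYPE_START):
        return None
    if length != len(pkt):
        return None
    try:
        attrs = parse_attrs(pkt[8:])
    except ValueError:
        return None
    types = [t for t, _ in attrs]
    # AT_IV MUST be present if and only if AT_ENCR_DATA is present.
    if (AT_IV in types) != (AT_ENCR_DATA in types):
        return None
    # AT_NONCE_MT is mandatory; the two identity attributes are exclusive.
    if types.count(AT_NONCE_MT) != 1:
        return None
    if AT_IDENTITY in types and AT_PERMANENT_IDENTITY in types:
        return None
    out = {"identifier": ident}
    for atype, value in attrs:
        if atype == AT_NONCE_MT:
            out["nonce_mt"] = value[2:]
        elif atype in (AT_IDENTITY, AT_PERMANENT_IDENTITY):
            actual = struct.unpack("!H", value[:2])[0]
            if actual > len(value) - 2:   # claims more identity than carried
                return None
            out["identity"] = value[2:2 + actual].decode("ascii")
            out["permanent"] = atype == AT_PERMANENT_IDENTITY
    return out
```

The receiver validates the EAP Length against the bytes actually
received and the actual identity length against the attribute before
reading either, so a packet whose length fields disagree is discarded
rather than read past its end; the same silent discard applies to an
AT_IV without AT_ENCR_DATA and to a packet carrying both identity
attributes.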
11. EAP-Request/SIM/Challenge
The format of the EAP-Request/SIM/Challenge packet is shown below.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Code | Identifier | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Subtype | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AT_RAND | Length | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
. n*RAND .
. .
| |