draft-haverinen-pppext-eap-sim-05.txt
Haverinen                 Expires in six months                [Page 11]

Internet Draft           EAP SIM Authentication                June 2002


   ignored on reception. The AT_IV attribute MUST be included if and only
   if the AT_ENCR_DATA is included. Messages that do not meet this
   condition MUST be silently discarded.

   The sender of the AT_IV attribute chooses the initialization vector by
   random. The sender MUST NOT reuse the initialization vector value from
   previous EAP SIM packets but the sender MUST choose it freshly for
   each AT_IV attribute. The sender SHOULD use a good source of
   randomness to generate the initialization vector. The format of AT_IV
   is shown below.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     AT_IV     |  Length = 5   |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                     Initialization Vector                     |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The value field of the AT_ENCR_DATA attribute consists of two reserved
   bytes followed by bytes encrypted using the Advanced Encryption
   Standard (AES) [5] in the Cipher Block Chaining (CBC) mode of
   operation, using the initialization vector from the AT_IV attribute.
   The reserved bytes are set to zero when sending and ignored on
   reception. Please see [6] for a description of the CBC mode. The
   format of the AT_ENCR_DATA attribute is shown below.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | AT_ENCR_DATA  |    Length     |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .                        Encrypted Data                         .
   .                                                               .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   The derivation of the encryption key (K_encr) is specified in Section
   15. The plaintext consists of nested EAP/SIM attributes.
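An added example, not taken from the draft, of the attribute framing around AT_IV and AT_ENCR_DATA and of the receiver-side checks the text above requires (both attributes present or neither, AT_IV with Length = 5, ciphertext in whole AES blocks). The AES-CBC operation under K_encr itself is left to a cipher library, and the attribute type codes are placeholders because this excerpt does not give them.

```python
import secrets

AT_IV, AT_ENCR_DATA = 0x81, 0x82  # placeholder type codes (not in this excerpt)
AES_BLOCK = 16


def attr(attr_type, value):
    """Frame one attribute: Type, Length in 4-byte units, then the value."""
    if (2 + len(value)) % 4:
        raise ValueError("attribute length must be a multiple of 4 bytes")
    return bytes([attr_type, (2 + len(value)) // 4]) + value


def fresh_iv():
    """Draw a new random IV for every packet; the draft forbids reusing one."""
    return secrets.token_bytes(AES_BLOCK)


def frame_encrypted(iv, ciphertext):
    """AT_IV (Length = 5) then AT_ENCR_DATA, each with two zero reserved bytes."""
    if len(iv) != AES_BLOCK or len(ciphertext) % AES_BLOCK:
        raise ValueError("IV must be one AES block, ciphertext whole blocks")
    return attr(AT_IV, b"\0\0" + iv) + attr(AT_ENCR_DATA, b"\0\0" + ciphertext)


def parse_attrs(payload):
    """Walk an attribute list into {type: value}; the value keeps its reserved bytes."""
    attrs, pos = {}, 0
    while pos < len(payload):
        length = payload[pos + 1] * 4 if len(payload) - pos >= 4 else 0
        if length < 4 or pos + length > len(payload):
            raise ValueError("truncated, zero-length or overlong attribute")
        attrs[payload[pos]] = payload[pos + 2:pos + length]
        pos += length
    return attrs


def encrypted_part(payload):
    """(iv, ciphertext) for AES-CBC under K_encr; (None, None) if nothing is
    encrypted; None if the packet must be silently discarded (AT_IV without
    AT_ENCR_DATA or vice versa, wrong AT_IV length, partial AES blocks)."""
    try:
        attrs = parse_attrs(payload)
    except ValueError:
        return None
    iv, ct = attrs.get(AT_IV), attrs.get(AT_ENCR_DATA)
    if iv is None and ct is None:
        return None, None
    if iv is None or ct is None or len(iv) != 2 + AES_BLOCK:
        return None
    if len(ct) <= 2 or (len(ct) - 2) % AES_BLOCK:
        return None
    return iv[2:], ct[2:]  # reserved bytes are ignored on reception
```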
8. EAP-Response/Identity

   In the beginning of EAP authentication, the Authenticator issues the
   EAP-Request/Identity packet to the client. The client responds with
   EAP-Response/Identity, which contains the user's identity. The
   formats of these packets are specified in [1].

   GSM subscribers are identified with the International Mobile
   Subscriber Identity (IMSI) [7]. The IMSI is composed of a three digit
   Mobile Country Code (MCC), a two or three digit Mobile Network Code
   (MNC) and a not more than 10 digit Mobile Subscriber Identification
   Number (MSIN). In other words, the IMSI is a string of not more than
   15 digits. MCC and MNC uniquely identify the GSM operator.

   Internet AAA protocols identify users with the Network Access
   Identifier (NAI) [8]. When used in a roaming environment, the NAI is
   composed of a username and a realm, separated with "@"
   (username@realm). The username portion identifies the subscriber
   within the realm. The AAA nodes use the realm portion of the NAI to
   route AAA requests to the correct AAA server.

   The realm name used in this protocol MAY be chosen by the operator and
   it MAY be a configurable parameter in the EAP/SIM client
   implementation. In this case, the client is typically configured with
   the NAI realm of the home operator. Operators MAY reserve a specific
   realm name for EAP/SIM users. This convention makes it easy to
   recognize that the NAI identifies a GSM subscriber. Such a reserved
   NAI realm may be useful as a hint as to the first authentication
   method to use during method negotiation.

   There are two types of NAI username portions in EAP/SIM: non-pseudonym
   permanent usernames and pseudonym usernames. When the optional IMSI
   privacy support is not used, the non-pseudonym permanent username is
   used. The non-pseudonym permanent username is of the format "1imsi".
   In other words, the first character of the username is the digit one
   (ASCII value 0x31), followed by the IMSI. The IMSI is an ASCII string
   that consists of not more than 15 decimal digits (ASCII values between
   0x30 and 0x39) as specified in [7]. The EAP server MAY use the leading
   "1" as a hint to try EAP/SIM as the first authentication method
   during method negotiation, rather than for example EAP/AKA. The
   EAP/SIM server MAY propose EAP/SIM even if the leading character was
   not "1".

   When the optional identity privacy support is used, the client MAY use
   the pseudonym received as part of the previous authentication
   sequence as the username portion of the NAI, as specified in Section
   5. The client MUST NOT modify the pseudonym received in AT_PSEUDONYM.
   For example, the client MUST NOT append any leading characters in the
   pseudonym.

   If no configured realm name is available, the client MAY derive the
   realm name from the MCC and MNC portions of the IMSI. In this case,
   the realm name is obtained by concatenating "mnc", the MNC digits of
   IMSI, ".mcc", the MCC digits of IMSI and ".owlan.org". For example, if
   the IMSI is 123456789098765, and the MNC is three digits long, then
   the derived realm name is "mnc456.mcc123.owlan.org". If the client is
   not able to determine whether the MNC is two or three digits long,
   the client MAY use a 3-digit MNC. If the correct length of the MNC is
   two, then the MNC used in the realm name will include the first digit
   of MSIN. Hence, when configuring AAA networks for operators that have
   2-digit MNC's, the network SHOULD also be prepared for realm names
   with incorrect 3-digit MNC's.

9. EAP-Request/SIM/Start

   The first SIM specific EAP Request is of subtype Start. The format of
   the EAP Request/SIM/Start packet is shown below.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code      |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |AT_PERM..._REQ |  Length = 1   |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |AT_ID..._REQ   |  Length = 1   |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Code

      1 for Request

   Identifier

      See [1].

   Length

      The length of the EAP packet.

   Type

      18

   Subtype

      10

   Reserved

      Set to zero on sending, ignored on reception

   AT_PERMANENT_IDENTITY_REQ

      The AT_PERMANENT_IDENTITY_REQ attribute is optional and it is
      included in the cases defined in Section 5. It MUST NOT be included
      if AT_IDENTITY_REQ is included. The value field only contains two
      reserved bytes, which are set to zero on sending and ignored on
      reception.

   AT_IDENTITY_REQ

      The AT_IDENTITY_REQ attribute is optional and it is included in the
      cases defined in Section 4. It MUST NOT be included if
      AT_PERMANENT_IDENTITY_REQ is included. The value field only
      contains two reserved bytes, which are set to zero on sending and
      ignored on reception.

10. EAP-Response/SIM/Start

   The format of the EAP Response/SIM/Start packet is shown below.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code      |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |AT_NONCE_MT    |  Length = 5   |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                           NONCE_MT                            |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | AT_PERM...    |    Length     |    Actual Identity Length     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .                 Cleartext Identity (optional)                 .
   .                                                               .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | AT_IDENTITY   |    Length     |    Actual Identity Length     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .                  Current Identity (optional)                  .
   .                                                               .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Code

      2 for Response

   Identifier

      See [1].

   Length

      The length of the EAP packet.

   Type

      18

   Subtype

      10

   Reserved

      Set to zero when sending, ignored on reception.

   AT_NONCE_MT

      The AT_NONCE_MT attribute MUST be included. The value field
      contains two reserved bytes followed by a random number generated
      by the client (16 bytes) freshly for this EAP/SIM authentication.
      The random number is used as a seed value for the new keying
      material. The reserved bytes are set to zero upon sending and
      ignored upon reception.

   AT_PERMANENT_IDENTITY

      The AT_PERMANENT_IDENTITY attribute is optional and it is included
      in cases defined in Section 5. It MUST NOT be included if
      AT_IDENTITY is included. The value field of this attribute begins
      with 2-byte actual identity length, which specifies the length of
      the identity in bytes. This field is followed by the non-pseudonym
      permanent Network Access Identifier username portion of the
      indicated actual length. The username format is specified in
      Section 8. The username does not include any terminating null
      characters. Because the length of the attribute must be a multiple
      of 4 bytes, the sender pads the identity with zero bytes when
      necessary.

   AT_IDENTITY

      The AT_IDENTITY attribute is optional and it is included in cases
      defined in Section 4. It MUST NOT be included if
      AT_PERMANENT_IDENTITY is included. The value field of this
      attribute begins with 2-byte actual identity length, which
      specifies the length of the identity in bytes.
      This field is followed by the Network Access Identifier username
      portion of the indicated actual length. The username format is
      specified in Section 8. The username is either the non-pseudonym
      permanent username or a pseudonym username. The username does not
      include any terminating null characters. Because the length of the
      attribute must be a multiple of 4 bytes, the sender pads the
      identity with zero bytes when necessary.

11. EAP-Request/SIM/Challenge

   The format of the EAP-Request/SIM/Challenge packet is shown below.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code      |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    AT_RAND    |    Length     |           Reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .                            n*RAND                             .
   .                                                               .
   |                                                               |
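A worked example, added here and not part of the draft, for the identity rules of Section 8 and the identity attribute layout of Section 10: derive the permanent "1imsi" username and the realm from an IMSI (including the 3-digit MNC fallback the text warns about), then frame the username as AT_PERMANENT_IDENTITY with its 2-byte actual-length field and zero padding. The attribute type code is a placeholder, since this excerpt does not give it.

```python
import struct

AT_PERMANENT_IDENTITY = 0x0b  # placeholder type code (not given in this excerpt)


def permanent_username(imsi):
    """'1' followed by the IMSI; the leading digit one hints EAP/SIM to the server."""
    if not (imsi.isascii() and imsi.isdigit() and 0 < len(imsi) <= 15):
        raise ValueError("IMSI must be 1 to 15 ASCII decimal digits")
    return "1" + imsi


def derived_realm(imsi, mnc_digits=None):
    """mnc<MNC>.mcc<MCC>.owlan.org. With the MNC length unknown the client
    falls back to 3 digits, so for a 2-digit MNC the first MSIN digit ends
    up in the realm; the AAA network must be prepared for that form too."""
    mnc_digits = mnc_digits or 3
    if mnc_digits not in (2, 3):
        raise ValueError("MNC is two or three digits")
    return f"mnc{imsi[3:3 + mnc_digits]}.mcc{imsi[:3]}.owlan.org"


def permanent_nai(imsi, realm=None, mnc_digits=None):
    """username@realm; a realm configured in the client wins over a derived one."""
    return permanent_username(imsi) + "@" + (realm or derived_realm(imsi, mnc_digits))


def encode_identity(attr_type, username):
    """Value = 2-byte actual length + username, zero-padded so the whole
    attribute (Type, Length, value) is a multiple of 4 bytes."""
    raw = username.encode("ascii")
    padding = -(4 + len(raw)) % 4
    value = struct.pack("!H", len(raw)) + raw + bytes(padding)
    return bytes([attr_type, (2 + len(value)) // 4]) + value


def decode_identity(attribute):
    """Return (type, username); padding beyond the actual length is dropped."""
    if len(attribute) < 4 or attribute[1] * 4 != len(attribute):
        raise ValueError("Length field does not match the attribute size")
    actual = struct.unpack("!H", attribute[2:4])[0]
    if 4 + actual > len(attribute):
        raise ValueError("actual identity length exceeds the attribute")
    return attribute[0], attribute[4:4 + actual].decode("ascii")
```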