RFC (part 1 of 5): Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM). EAP-SIM is an EAP authentication method that reuses the GSM SIM credentials and the GSM authentication triplets; it is published by the IETF as an Informational RFC. Related IANA registries: EAP-AKA' AT_KDF Key Derivation Function values; AKA-Notification and SIM-Notification codes.

Author: Vubei Gardashicage
Country: Bahrain
Language: English (Spanish)
Genre: Software
Published (Last): 4 March 2016
Pages: 107
PDF File Size: 11.78 Mb
ePub File Size: 8.16 Mb
ISBN: 239-4-82828-477-4

EAP-GTC carries a text challenge from the authentication server, and a reply generated by a security token.

RFC – part 1 of 5

This would allow for situations much like HTTPS, where a wireless hotspot allows free access and does not authenticate station clients, but station clients wish to use link-layer encryption and possibly to authenticate the hotspot.

Message Format and Protocol Extensibility

The weakness of unauthenticated in-band PAC provisioning in EAP-FAST is mitigated by manual PAC provisioning or by using server certificates for the PAC provisioning phase.

When EAP is invoked by an
Protected success indications are discussed in Section 6. Authentication Vector: GSM triplets can alternatively be called authentication vectors.

Integrity and Replay Protection, and Confidentiality

EAP is an authentication framework, not a specific authentication mechanism: it provides the transport and usage of keying material and parameters generated by EAP methods. It is possible to use a different authentication credential (and thereby technique) in each direction.

Additionally, a number of vendor-specific methods and new proposals exist. In this document, the term nonce is only used to denote random nonces, and it is not used to denote counters. Implementers and users of EAP-SIM are advised to carefully study the security considerations in Section 11 in order to determine whether the security properties are sufficient for the environment in question, especially as the secrecy of the Kc keys is essential to the security of EAP-SIM: every EAP-SIM key is derived from them.


The lack of mutual authentication in GSM has also been overcome: EAP-SIM binds the peer's NONCE_MT into the keying material and authenticates the server's messages with AT_MAC, so only a server that knows the Kc values can produce a valid challenge.

Protected Extensible Authentication Protocol

The version negotiation is protected by including the version list and the selected version in the calculation of keying material (Section 7): a peer and a server that saw different version lists derive different keys, so the AT_MAC check fails and a downgrade attempt is detected. The EAP-FAST PAC provisioning phase is independent of the other phases; hence, any other scheme (in-band or out-of-band) can be used in the future.

EAP-AKA and EAP-SIM Parameters

The fast re-authentication procedure is described in Section 5. It does not specify an Internet standard of any kind.

On full authentication, the peer's response includes either the user's International Mobile Subscriber Identity (IMSI) or a temporary identity (pseudonym) if identity privacy is in effect, as specified in Section 4.

The underlying key exchange is resistant to active attack, passive attack, and dictionary attack. PEAPv1 was defined in the early revisions of draft-josefsson-pppext-eap-tls-eap, and PEAPv2 in its later revisions. The authenticator typically communicates with an EAP server that is located on a backend authentication server using an AAA protocol.

Distribution of this memo is unlimited.

Extensible Authentication Protocol

Second generation mobile networks and third generation mobile networks use different authentication and key agreement mechanisms; EAP-SIM covers the GSM (second generation) mechanism, while EAP-AKA covers the third generation AKA mechanism. There have also been proposals to use IEEE
From the triplets, the EAP server derives the keying material, as specified in Section 7. Fast Re-authentication Identity: A fast re-authentication identity of the peer, including an NAI realm portion in environments where a realm is used.

Cryptographic Separation of Keys and Session Independence

The highest security available is when the "private keys" of the client-side certificate are housed in smart cards.

Lightweight Extensible Authentication Protocol


The permanent identity is usually based on the IMSI. EAP is in wide use. Overview: Figure 1 shows an overview of the EAP-SIM full authentication procedure, wherein optional protected success indications are not used.

Note that the user's name is never transmitted in unencrypted clear text, improving privacy. A design goal of EAP-FAST is to eliminate the requirement in the client to establish a master secret every time a client requires network access. The standard also describes the conditions under which the AAA key management requirements described in RFC can be satisfied.

Pseudonym Username: The username portion of pseudonym identity, i. The EAP-POTP method provides two-factor user authentication, meaning that a user needs both physical access to a token and knowledge of a personal identification number (PIN) to perform authentication. If the peer has maintained state information for fast re-authentication and wants to use fast re-authentication, then the peer indicates this by using a specific fast re-authentication identity instead of the permanent identity or a pseudonym identity.

Fast re-authentication is based on keys derived on full authentication. With a client-side certificate, a compromised password is not enough to break into EAP-TLS enabled systems, because the intruder still needs the client-side certificate; indeed, a password is not even needed, as it is only used to encrypt the client-side certificate for storage.
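The derivations the text refers to (Section 7 of the RFC: the master key MK from the GSM triplets, the FIPS 186-2 PRF that expands it into K_encr, K_aut, MSK and EMSK, the binding of the version list into MK, AT_MAC, and the fast re-authentication keys derived from the same MK), as an added example that is not code from the RFC or from any EAP-SIM implementation. The identity, Kc values, nonces, the constructed Challenge packet and the hypothetical second protocol version in the downgrade check are all made-up test inputs; the SHA-1 transform is written out by hand because hashlib does not expose the raw compression that the FIPS 186-2 G function needs.

```python
"""EAP-SIM key derivation (RFC 4186 Section 7): MK, the FIPS 186-2 PRF, the
key block split, fast re-authentication keys and AT_MAC.  Added example, not
code from the RFC or from any implementation; all inputs are constructed."""
import hashlib
import hmac
import struct

MASK32 = 0xFFFFFFFF
SHA1_IV = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)

def rol32(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32

def sha1_compress(block, h=SHA1_IV):
    """One SHA-1 compression of a 64-byte block, IV addition included. hashlib
    only offers the padded hash, but FIPS 186-2's G(t, c) is the raw transform
    over c zero-padded to 512 bits, so the transform is written out."""
    w = list(struct.unpack(">16I", block))
    for t in range(16, 80):
        w.append(rol32(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
    a, b, c, d, e = h
    for t in range(80):
        if t < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif t < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif t < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        tmp = (rol32(a, 5) + (f & MASK32) + e + k + w[t]) & MASK32
        a, b, c, d, e = tmp, a, rol32(b, 30), c, d
    return struct.pack(">5I", *((x + y) & MASK32 for x, y in zip(h, (a, b, c, d, e))))

def fips186_2_prf(xkey, out_len):
    """FIPS 186-2 (change notice 1) generator as RFC 4186 uses it: XSEED_j = 0,
    w = G(t, XKEY), then XKEY = (1 + XKEY + w) mod 2^160; each iteration
    yields w_0 || w_1 (40 bytes), so out_len must be a multiple of 40."""
    out = b""
    for _ in range(out_len // 40):
        for _ in range(2):
            w = sha1_compress(xkey + b"\x00" * 44)
            out += w
            xkey = ((int.from_bytes(xkey, "big") + int.from_bytes(w, "big") + 1)
                    % (1 << 160)).to_bytes(20, "big")
    return out

def derive_mk(identity, kcs, nonce_mt, version_list, selected_version):
    """MK = SHA1(Identity | n*Kc | NONCE_MT | Version List | Selected Version);
    Version List is the 2-byte version entries of AT_VERSION_LIST."""
    ver_list = b"".join(struct.pack(">H", v) for v in version_list)
    return hashlib.sha1(identity + b"".join(kcs) + nonce_mt + ver_list
                        + struct.pack(">H", selected_version)).digest()

def full_auth_keys(identity, kcs, nonce_mt, version_list, selected_version):
    """PRF output order per Section 7: K_encr 16, K_aut 16, MSK 64, EMSK 64."""
    mk = derive_mk(identity, kcs, nonce_mt, version_list, selected_version)
    blk = fips186_2_prf(mk, 160)
    return {"MK": mk, "K_encr": blk[:16], "K_aut": blk[16:32],
            "MSK": blk[32:96], "EMSK": blk[96:160]}

def fast_reauth_keys(reauth_identity, counter, nonce_s, mk):
    """XKEY' = SHA1(Identity | counter | NONCE_S | MK); the PRF then gives the
    new MSK | EMSK.  K_encr and K_aut stay those of the full authentication."""
    xkey = hashlib.sha1(reauth_identity + struct.pack(">H", counter) + nonce_s + mk).digest()
    blk = fips186_2_prf(xkey, 160)
    return {"MSK": blk[:64], "EMSK": blk[64:128]}

def at_mac(k_aut, eap_packet_with_mac_zeroed, extra=b""):
    """AT_MAC = first 16 bytes of HMAC-SHA1(K_aut, packet | extra); on
    EAP-Request/SIM/Challenge the extra data is NONCE_MT."""
    return hmac.new(k_aut, eap_packet_with_mac_zeroed + extra, hashlib.sha1).digest()[:16]

# Constructed test inputs (not real subscriber data).
IDENTITY = b"1234560123456789@example.com"      # hypothetical "1" + IMSI NAI
KCS = [bytes([i]) * 8 for i in (0x11, 0x22, 0x33)]   # three 64-bit GSM Kc values
NONCE_MT, NONCE_S = bytes(range(16)), bytes(range(16, 32))
REAUTH_ID = b"hypothetical-reauth-id@example.com"

def version_stripping_breaks_challenge_mac(identity=IDENTITY, kcs=KCS, nonce_mt=NONCE_MT):
    """Server offered [1, 2] (version 2 is hypothetical; RFC 4186 defines only 1),
    an attacker stripped the list to [1] on the wire, both selected 1.  The
    server's AT_MAC on a constructed Challenge packet fails under the peer's K_aut."""
    server = full_auth_keys(identity, kcs, nonce_mt, [1, 2], 1)
    peer = full_auth_keys(identity, kcs, nonce_mt, [1], 1)
    challenge = b"\x01\x02\x00\x1c\x12\x0b\x00\x00\x0b\x05\x00\x00" + bytes(16)  # AT_MAC field zeroed
    mac = at_mac(server["K_aut"], challenge, nonce_mt)
    return not hmac.compare_digest(mac, at_mac(peer["K_aut"], challenge, nonce_mt))

if __name__ == "__main__":
    keys = full_auth_keys(IDENTITY, KCS, NONCE_MT, [1], 1)
    for name in ("MK", "K_encr", "K_aut", "MSK", "EMSK"):
        print(f"{name:6s} {keys[name].hex()}")
    print("reauth MSK", fast_reauth_keys(REAUTH_ID, 1, NONCE_S, keys["MK"])["MSK"].hex())
    print("version stripping detected:", version_stripping_breaks_challenge_mac())
```

Running it shows the two points the text makes: a peer that received a version list altered in transit derives a K_aut different from the server's, so the server's AT_MAC on the Challenge does not verify and the exchange fails; and fast re-authentication re-derives only MSK and EMSK from the stored MK, counter and NONCE_S, while K_encr and K_aut from the full authentication keep protecting the re-authentication messages.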

The EAP server may also include derived keying material in the message it sends to the authenticator.