RFC Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM), January . RFC (part 1 of 5): Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM ). EAP-SIM RFC is a newly emerged EAP authentication The standard for EAP-SIM authentication is still in draft form with the IETF .

Author: Goltilkree Tojak
Country: Mauritania
Language: English (Spanish)
Genre: Business
Published (Last): 14 June 2007
Pages: 426
PDF File Size: 3.21 Mb
ePub File Size: 6.72 Mb
ISBN: 159-9-86977-932-2
Downloads: 55908
Price: Free* [*Free Regsitration Required]
Uploader: Mikakus

Eliminate the requirement in the client to establish a master secret every time a client requires network access. In-band provisioning—provide the peer with a shared secret to be used in secure phase 1 conversation. A pseudonym identity of the peer, including an NAI realm portion in environments where a realm is used.

Second generation mobile networks and third generation mobile networks use different authentication and key agreement mechanisms. The highest security available is when the “private keys” of client-side certificate are housed in smart cards.

Lightweight Extensible Authentication Protocol. In general, a nonce can be predictable e. EAP-TLS is still considered one of the most secure Eap-ism standards available, although TLS provides strong security only as long as the user understands potential warnings about false credentials, and is universally supported by all manufacturers of wireless LAN hardware and software. The protocol only specifies chaining multiple EAP mechanisms and not any specific method.

Used on full authentication exp-sim. The Kc key is originally intended to be used as an encryption key over the air interface, but in this protocol, it is used for deriving keying material and is not directly used.

Extensible Authentication Protocol

The EAP-SIM mechanism specifies enhancements to GSM authentication and key agreement whereby multiple authentication triplets can be combined to create authentication responses and session keys of greater strength than the individual GSM triplets. It is worth noting that the PAC file is issued on a per-user basis.


The IETF has also not reviewed the security of the cryptographic algorithms. The EAP method protocol exchange is done in a minimum of four messages.

EAP-AKA and EAP-SIM Parameters

The GSM network element that provides the authentication triplets for authenticating the subscriber. PEAPv1 was defined in draft-josefsson-pppext-eap-tls-eap through draft-josefsson-pppext-eap-tls-eap[36] and PEAPv2 was defined in versions beginning with eapsim Message Sequence Examples Informative Implementers and users of EAP-SIM are advised to carefully study the security considerations in Section 11 in order to determine whether the security properties are sufficient for the environment in question, especially as the secrecy of Kc keys is essential to the security of EAP-SIM.

The permanent identity of the peer, including an NAI realm portion in environments where a realm is used. The password may be a low-entropy one and may be eap-dim from some set of possible passwords, like a dictionary, which is available to an attacker.

The standard also describes the conditions under which the AAA key management requirements described in RFC can be satisfied. This vulnerability is mitigated by manual PAC provisioning or by using server certificates for the PAC provisioning phase.

A fast re-authentication efc of the peer, including an NAI realm portion in environments where a realm is used. Hence, the secrecy of Kc is critical to the security of this protocol.

EAP Types – Extensible Authentication Protocol Types

From Wikipedia, the free encyclopedia. In general, a nonce can be predictable e. An introduction to LEAP authentication”.

The username portion of fast re-authentication identity, i. EAP is an authentication framework for providing the transport and usage eal-sim keying material and parameters generated by EAP methods. EAP-GTC carries a text challenge from the authentication server, and a reply generated by a security token.


RFC – part 1 of 5

Fall Back to Full Authentication A value that is used at most once or that is never repeated within the same cryptographic eqp-sim. The peer has derived the same keying material, so the authenticator does not forward the keying material to the peer along with EAP-Success. The permanent frc is usually based on the IMSI. Since some cryptographic properties may depend on the randomness of the nonce, attention should be paid to whether a nonce is required to be random or not.

The requirement for a client-side certificate, however unpopular it may be, is what gives EAP-TLS its authentication strength and illustrates the classic convenience vs.

Microsoft Exchange Server Unleashed. GSM is a second generation mobile network standard. The EAP server may also include derived keying material in the message it sends to the authenticator. This page was last edited on 21 Decemberat It also specifies an optional fast re-authentication procedure.

The GSM authentication and key exchange eap-im are not used in the fast re-authentication procedure.

Table of Contents 1. In particular, the following combinations are expected to be used in practice:. Mutual Authentication and Triplet Exposure The derived bit cipher key Kc is not strong enough for data networks in which stronger and longer keys are required.

Pseudonym Username The username portion of pseudonym identity, i. The client can, but does not have to be authenticated via a CA -signed PKI certificate to the server. Archived from the original on Archived from the original PDF on 12 December