Feature #2475
XOR authentication not implemented
70%
Description
We implement COMP128v1, v2 and v3 as well as MILENAGE, but don't implement the XOR algorithm for 2G or 3G, as described in 3GPP TS 34.108 Section 8.1.2
XOR can be handy when testing against test equipment such as core/ran emulators, MS testers or the like.
Related issues
History
#1 Updated by laforge over 1 year ago
Daniel has an incomplete patch for this, please state branch name here to which this was pushed.
#2 Updated by daniel over 1 year ago
#3 Updated by daniel about 1 year ago
- Related to Support #2497: Set up SIM cards with auth algo other than XOR added
#5 Updated by fixeria 11 months ago
- Status changed from New to Feedback
- % Done changed from 40 to 70
I've uploaded a modified version: https://gerrit.osmocom.org/7310/
Comments are welcome ;)
#6 Updated by fixeria 11 months ago
A sysmoUSIM-SJS1 was programmed to use XOR auth:
$ sysmo-usim-tool.sjs1.py -a ADM --classic -T XOR-2G:XOR-3G $ sysmo-usim-tool.sjs1.py -a ADM -K daf8d6975b9e1404e359bfcf0c93d55c
All attempts to perform manual XOR authentication are not successful:
$ ./osmo-sim-auth.py -s -r e9a9c0710597421f4363e45a2da051f9 Testing SIM card with IMSI 901700000000001 GSM Authentication Traceback (most recent call last): File "./osmo-sim-auth.py", line 125, in <module> handle_sim(options, rand_bin) File "./osmo-sim-auth.py", line 75, in handle_sim print "SRES:\t%s" % b2a_hex(byteToString(ret[0])) TypeError: 'NoneType' object has no attribute '__getitem__'
$ ./osmo-sim-auth.py -s -r 5635694866c671627c3bb4135e2bf7dc Testing SIM card with IMSI 901700000000001 GSM Authentication Traceback (most recent call last): File "./osmo-sim-auth.py", line 125, in <module> handle_sim(options, rand_bin) File "./osmo-sim-auth.py", line 75, in handle_sim print "SRES:\t%s" % b2a_hex(byteToString(ret[0])) TypeError: 'NoneType' object has no attribute '__getitem__'
Meanwhile, the tool works fine with comp128v123... Any ideas?
#8 Updated by fixeria 11 months ago
GSM Authentication [DBG] ['INTERNAL AUTHENTICATE apdu: A0 88 00 00 10 56 35 69 48 66 C6 71 62 7C 3B B4 13 5E 2B F7 DC', 'sw1, sw2: 6F 00 - checking error: no precise diagnosis', (111, 0), []]
Quick Googling:
6F 00 Command aborted - more exact diagnosis not possible (e.g., operating system error).
#10 Updated by laforge 4 months ago
I should have read this ticket first. There's now an alternative (but equally untested) implementation in the laforge/auth_xor
branch of libosmocore.git. It also covers re-sync with AUTS, which Vadims implementation doesn't seem to cover.
I should have done something else :/