[RADIATOR] EAP-AKA' support (Was: Re: EAP AKA Prime)

Heikki Vatiainen hvn at open.com.au
Thu Sep 15 03:02:21 CDT 2011 

On 09/14/2011 04:16 PM, Aman Arneja wrote:

> Thats great news ! .. I had one more question .. is it possible to
> hardcode the sres and rand value for sim based auths in Radiator if we
> do not want to use an HLR during our testing stage?

With EAP-SIM you can use "canned" triplets. That is, extract triplets
from a SIM, return the SIM back to e.g., phone, and use the MAP gateway
simulator that comes with the SIM pack to generate responses back to the
phone. This gives you complete end-to-end testing possibility.

EAP-AKA works differently, so you can not precreate triplets similar to
EAP-SIM case. However, in AKA cases you can use the built-in milenage
algorithm to act like an Auth Centre.

For more, please see the whitepaper available from
http://www.open.com.au/eap-sim/

It was just updated and has more about the MAP gateway simulator,
supported MAP gateways and other related topics.

Thanks!
Heikki


> Thanx
>  
> Aman Arneja
> 
> On Mon, Sep 12, 2011 at 3:13 PM, Heikki Vatiainen <hvn at open.com.au
> <mailto:hvn at open.com.au>> wrote:
> 
>     On 08/24/2011 11:28 AM, Heikki Vatiainen wrote:
> 
>     Hello Aman,
> 
>     > EAP-AKA in SIM pack does not currently have support for AT_BIDDING or
>     > AT_KDF_INPUT attributes so this I think makes it plain AKA only. I can
>     > check what the plans are for supporting AKA'.
> 
>     RFC 5448 (EAP-AKA' or AKA Prime) is now supported with EAP-SIM pack
>     version 1.32. Version 1.32 was just released for AKA' support.
> 
>      http://www.open.com.au/eap-sim/
> 
>     The AKA' support also requires the latest patch set for 4.8. The latest
>     patch set adds the required AKA' definitions to the EAP module.
> 
>     Thanks!
> 
>     --
>     Heikki Vatiainen <hvn at open.com.au <mailto:hvn at open.com.au>>
> 
>     Radiator: the most portable, flexible and configurable RADIUS server
>     anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>     Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>     TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>     DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>     NetWare etc.
> 
> 


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.

More information about the radiator mailing list