RFC (part 1 of 5): Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM). EAP-SIM RFC is a newly emerged EAP authentication The standard for EAP-SIM authentication is still in draft form with the IETF. but are not limited to, RFCs, the products of another standards body (e.g. 3GPP), EAP-AKA’ AT_KDF Key Derivation Function values; Trusted Non-3GPP 12, AKA-Notification and SIM-Notification, [RFC][RFC].


It is worth noting that the PAC file is issued on a per-user basis. The protocol only specifies chaining multiple EAP mechanisms and not any specific method. Overview Figure 1 shows an overview of the EAP-SIM full authentication procedure, wherein optional protected success indications are not used.

Communicating the Peer Identity to the Server The version negotiation is protected by including the version list and the selected version in the calculation of keying material Section 7. The GSM network element that provides the authentication triplets for authenticating the subscriber. The packet format and the use of attributes are specified in Section 8.

Extensible Authentication Protocol

Distribution of this memo is unlimited. Hence, the secrecy of Kc is critical to the security of this protocol. EAP-SIM also extends the combined RAND challenges and other messages with a message authentication code in order to provide message integrity protection along with mutual authentication. The requirement for a client-side certificate, however unpopular it may be, is what gives EAP-TLS its authentication strength and illustrates the classic convenience vs.


The mechanism also includes network authentication, user anonymity support, result indications, and a fast re-authentication procedure. In this document, the term nonce is only used to denote random nonces, and it is not used to denote counters.

It does not specify an Internet standard of any kind. The highest security available is when the "private keys" of the client-side certificate are housed in smart cards.

Extensible Authentication Protocol

Requesting the Permanent Identity This greatly simplifies the setup procedure since a certificate is not needed on every client. Implementers and users of EAP-SIM are advised to carefully study the security considerations in Section 11 in order to determine whether the security properties are sufficient for the environment in question, especially as the secrecy of Kc keys is essential to the security of EAP-SIM.

Message Sequence Examples Informative The 3rd generation AKA mechanism includes mutual authentication, replay protection, and derivation of longer session keys.


GSM is a second generation mobile network standard. A3 and A8 Algorithms Second generation mobile networks and third generation mobile networks use different authentication and key agreement mechanisms.

EAP-AKA and EAP-SIM Parameters

Mutual Authentication and Triplet Exposure Permanent Identity The permanent identity of the peer, including an NAI realm portion in environments where a realm is used.

Fast re-authentication is based on keys derived on full authentication. Flooding the Authentication Centre The fast re-authentication procedure is described in Section 5. This phase is independent of other phases; hence, any other scheme (in-band or out-of-band) can be used in the future. Extensible Authentication Protocol, or EAP, is an authentication framework frequently used in wireless networks and point-to-point connections.

EAP is not a wire protocol; instead it only defines message formats. It also specifies an optional fast re-authentication procedure. Lightweight Extensible Authentication Protocol.