Re: [Emu] draft-urien-eap-smartcard-20.txt
"Michael Thomsen" <ietf-denmike@snkmail.com> Tue, 07 June 2011 15:41 UTC
Return-Path: <ietf-denmike@snkmail.com>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E28C11E816A for <emu@ietfa.amsl.com>; Tue, 7 Jun 2011 08:41:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cj23rj9COAef for <emu@ietfa.amsl.com>; Tue, 7 Jun 2011 08:41:26 -0700 (PDT)
Received: from sneak2.sneakemail.com (sneak2.sneakemail.com [38.113.6.65]) by ietfa.amsl.com (Postfix) with SMTP id AE45C11E8162 for <emu@ietf.org>; Tue, 7 Jun 2011 08:41:25 -0700 (PDT)
Received: (qmail 29613 invoked from network); 7 Jun 2011 15:41:22 -0000
Received: from unknown (HELO localhost.localdomain) (192.168.0.1) by sneak2.sneakemail.com with SMTP; 7 Jun 2011 15:41:22 -0000
Received: from 192.168.0.2 by mail.sneakemail.com with SMTP; 7 Jun 2011 15:41:22 -0000
Received: (sneakemail censored 1595-1307461282-359547 #2); 7 Jun 2011 15:41:22 -0000
Received: (sneakemail censored 1595-1307461282-359547 #1); 7 Jun 2011 15:41:22 -0000
Date: Tue, 07 Jun 2011 15:41:22 +0000
To: emu@ietf.org
Message-ID: <1595-1307461282-359547@sneakemail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
From: Michael Thomsen <ietf-denmike@snkmail.com>
X-Mailer: Perl5 Mail::Internet v
X-Mailman-Approved-At: Mon, 13 Jun 2011 13:25:52 -0700
Subject: Re: [Emu] draft-urien-eap-smartcard-20.txt
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2011 15:41:27 -0000
Hi Pascal, sorry, I don't quite understand what you mean by "former EAP-AKA version", but I've stumpled upon a few things I don't quite understand: 1: -- In test #2 (Wrong SQN) you're calculating MAC-S with a non-zero AMF giving 7CD924E739F12369. According to 3GPP TS 33.102 AMF is set to zeros when calculating AUTS. When doing that I get 0010C1DA38A75A31 instead. According to RFC4187 AT_AUTS should include "the AKA AUTS parameter, 112 bits" I don't see anything about the AMF field not being zeroed, as it is per usual. 2: -- In test #6 (Reauth, Good Counter) the counter value is 0000, whereas RFC4187 specifies that the minimum counter value of the first packet should be 0001. Also, you use the 64-byte MSK value generated in test #1 instead of MK, whereas RFC4187 specifies XKEY'=SHA1(Identity|counter|NONCE_S|MK). This obviously gives a quite different result than what you get. 3: -- In the "Get MSK" commands in test #1 and test #6 the first 32 bytes of MSK are switched with the last 32 bytes of MSK. I don't see anything in your document stating that this should be the behaviour. 4: -- In test #6 and test #7 the MAC is not calculated over (EAP-packet | Nounce-S), as specified in RFC4187. Kind regards, Michael Thomsen
- [Emu] draft-urien-eap-smartcard-20.txt Michael Thomsen
- Re: [Emu] draft-urien-eap-smartcard-20.txt Pascal Urien
- Re: [Emu] draft-urien-eap-smartcard-20.txt Michael Thomsen
- Re: [Emu] draft-urien-eap-smartcard-20.txt Pascal Urien