Michael Richardson <[email protected]> wrote:
>I implemented server side EAP-SIM and EAP-AKA back 16 some years ago.
>Based upon the many emails I got asking for help configuring EAP-SIM, and
>the zero I got for EAP-AKA, I have never been sure to what extend AKA
>really go out there. Is the nano-SIM in my phone SIM or did it mutate into
>AKA? I never quite knew.
>
>I was always very sad that AKA did not get more uptake as it authenticates
>the network to the phone, and therefore would have (as I understand things)
>defended against "Stingray" like equipment used without judicial review,
>requiring interceptors to significantly involve telco in such things, and
>limiting who they would actually "catch". ... I've heard other claims too.
Several independent things here, first there are 4 different form factors for
removable UICCs (aka "SIM cards")
1FF ("Full-size") = ID-1
2FF ("Mini-SIM") = ID-000
3FF ("Micro-SIM") = Mini-UICC
4FF ("Nano-SIM")
On the UICC, there are either a SIM application (2G), an USIM application (3G)
or both. If you live in a country that have 4G and do not use a very old
SIM-card, your SIM-card have USIM and can do AKA with network authentication.
Authentication to a 4G/LTE network requires a USIM and always use AKA with
network authentication.
Two main types of "Stingray like equipment"
- one is passive IMSI catchers. They just passively eavesdrop to catch
identities. These will be mitigated in 5G with ECIES encryption of the
identities as long as your operator provisions its public key on the UICC.
- the other is active false base stations. Many operators around the world has
already turned off their 2G/GSM networks. The only reason this attack still
works is that your phone happily connects to false 2G network is offers the
best signal. Neither iOS (Apple) nor Android (Google) allows you to even
manually turn off 2G. They both allow you to turn off 4G for battery savings
but not 2G for security reasons. Ask the company that made your phone ;)
Cheers,
John
_______________________________________________
Emu mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/emu
