Tests Vectors for EAP-AKA
From: Pascal Urien (urienp
Date: Tue, 3 May 2005 08:32:23 -0400 (EDT)
Hi Everybody,
I am currently testing an EAP-AKA smartcard, but unfortunately no test vectors are available in the EAP-AKA draft.
I got the following vectors (see below), which should be included in the next version of the
draft 'draft-urien-eap-smartcard-07.txt'.
It would be great if somebody could check these values and my understanding of the EAP-AKA
protocol.
Pascal http://www.infres.enst.fr/~urien/openeapsmartcard
NB EAP-AKA seems to work in JC2.2 16KB smartcards. Authentication times are less than 6s.
Tests Vectors for EAP-AKA
=====================
// Select EAP_APPLICATION
Tx: 00A40400 07 11 22 33 44 55 66 01
Rx: 9000
// Verify User PIN ('0000')
Tx: A020000004 30303030
Rx: 9000
// Set-Identity ('zzz') type=AKA
Tx: A0 16 00 80 03 7A7A7A
// 90 00
// EAP-Identity request
Tx: A0 80 00 00 05 01A4 0005 01
// Identity.response: anonymous [at] dot.com
Rx: 02 A4 00 16 01 61 6E 6F 6E 79 6D 6F 75 73 40 64 6F 74 2E 63 6F 6D 90 00
// EAP-AKA GET AT_PERMANENT_ID_REQ: aka [at] dot.com
Tx: A0 80 00 00 0A 01A6 000A 1705 0A01 0000
Rx: 02 A6 00 16 17 05 0E 04 00 0B 61 6B 61 40 64 6F 74 2E 63 6F 6D 00 90 00
//=================
// Milenage Values=
//=================
// These values are imported from
// 3GPP TS 35.207 V5.0.0 (2002-06),
// sections 4.3-Test set 1 and 6.3-Test set 1
// K: 465b5ce8 b199b49f aa5f0a2e e238a6bc
// OP: cdc202d5 123e20f6 2b6d676a c72cb318
// SQN: ff9bb4d0b607
// AMF: b9b9
// RAND:23553cbe 9637a89d 218ae64d ae47bf35
// f1|f1*: 4A 9F FA C3 54 DF AF B3 01 CF AF 9E C4 E8 71 E9
// f2/sres A5 42 11 D5 E3 BA 50 BF
// f3/ck B4 0B A9 A3 C5 8B 2A 05 BB F0 D9 87 B2 1B F8 CB
// f4/ik F7 69 BC D7 51 04 46 04 12 76 72 71 1C 6D 34 41
// f5/ak AA 68 9C 64 83 70
// f5*/ak2 45 1E 8B EC A4 3B
//=============================
// Values for XKEY & PRF(XKEY)=
//=============================
//
// ID: 61 6B 61 40 64 6F 74 2E 63 6F 6D = aka [at] dot.com
// IK: F7 69 BC D7 51 04 46 04 12 76 72 71 1C 6D 34 41
// CK: B4 0B A9 A3 C5 8B 2A 05 BB F0 D9 87 B2 1B F8 CB
// XKEY = sha1(ID|IK|CK) = C4 83 4F 21 BE AD F0 9E 7A 3B E8 17 97 5A BA 99 DD B4 0C 9A
// PRF(XKEY)
// K_Encr: 28 FF 32 38 42 05 6B 55 4B 85 A5 11 16 34 5A A4
// K_Auth: B3 08 06 82 48 8E 68 6F AC 3E 1C F8 24 8E 73 63
// MSK: BE 12 98 C0 B5 33 8C 91 D6 E1 1B 33 AE 7D 46 2D
// E2 99 64 64 0C F5 05 FF 26 AE D5 98 82 2D 41 F9
// 20 AF 49 FD CB 77 00 8C 2A AC DB A3 A1 AE 79 75
// 20 8C 25 E5 40 17 5D 22 D5 48 0C DE 88 D7 90 33
// EMSK: CD 10 C9 14 BB 54 DC 97 AE E8 96 06 67 F8 C8 59
// 12 44 DF E7 BD 4A C1 B1 6E 63 1B 4D FA 5D F6 97
// 4A 4C 51 F5 D8 19 FE 68 E7 37 0F 9E 47 43 9B 43
// FD 6E 83 CC 35 7A 01 E7 16 57 F3 BE 6D 26 4A 2B
//=========================================
// Test #1 : FULL AUTHENTICATION, GOOD #SEQ
//=========================================
//AT_RAND AT_AUTN AT_MAC
Tx: A0 80 00 00 42 01A5 0042 1701 01050000 23553cbe 9637a89d 218ae64d ae47bf35
02050000 55F328B43577 b9b9 4A9FFAC354DFAFB3
0B050000 F262DECDCC1302CB4B527672E251422C
// AT_RES AT_MAC
Rx: 02A5 0026 1701 03030040 A54211D5 E3BA50BF
0B050000 D6859267FC560146EB637FD8660942
// Get MSK
Tx: A0 A6 00 00 40
Rx: 20 AF 49 FD CB 77 00 8C 2A AC DB A3 A1 AE 79 75
20 8C 25 E5 40 17 5D 22 D5 48 0C DE 88 D7 90 33
BE 12 98 C0 B5 33 8C 91 D6 E1 1B 33 AE 7D 46 2D
E2 99 64 64 0C F5 05 FF 26 AE D5 98 82 2D 41 F9
//==========================================
// Test #2 : FULL AUTHENTICATION, WRONG #SEQ
//==========================================
Tx: A0 80 00 00 42 01A5 0042 1701 01050000 23553cbe 9637a89d 218ae64d ae47bf35
02050000 55F328B43577 b9b9 4A9FFAC354DFAFB3
0B050000 F262DECDCC1302CB4B527672E251422C
// AT_AUTS = AK2+SEQ | MAC-S
Rx: 02A5 0016 1704 0404 BA853F3C1233 01CFAF9EC4E871E9
// AK2 = 45 1E 8B EC A4 3B
// SEQ = ff 9b b4 d0 b6 08
// MAC-S= 01 CF AF 9E C4 E8 71 E9
//==========================================
// Test #3 : FULL AUTHENTICATION, WRONG MAC=
//==========================================
Tx: A0 80 00 00 42 01A5 0042 1701 01050000 23553cbe 9637a89d 218ae64d ae47bf36
02050000 55F328B43577 b9b9 4A9FFAC354DFAFB3
0B050000 F262DECDCC1302CB4B527672E251422C
// AKA-Authentication-Reject
Rx: 02 A5 00 06 17 02 90 00
//===========================================
// Test #4 : Full Authentication + PSEUDO_ID=
//===========================================
// AT_RAND AT_AUTN AT_ENCR AT_MAC
// AT_ENCR: 82090000 8205000D 31323334 31323334 31323334 31000000 06030000 00000000 00000000
Tx: A0 80 00 00 7A 01A5 007A 1701 01050000 23553cbe 9637a89d 218ae64d ae47bf35
02050000 55F328B43577 b9b9 4A9FFAC354DFAFB3
81050000 12345678 12345678 12345678 12345678
82090000 819dcaf9e851072d660a36fb79d96c096ac36f2e58d6e32d3fc848699da076d4
0B050000 BCB23D96BE3855BDE867A2557977FAB6
// AT_RES AT_MAC
Rx: 02A5 0026 1701 03030040 A54211D5 E3BA50BF 0B050000 D6859267FC560146EB637FD8660942CF
// GET AT_FULLAUTH_ID_REQ = '12341234123412341 [at] dot.com'
Tx: A0 80 00 00 0A 01A6 000A 1705 1101 0000
Rx: 02 A6 00 22 1705 0E070015 3132333431323334313233343140646F742E636F6D000000 9000
// GET AT_PERMANENT_ID_REQ = 'aka [at] dot.com'
Tx: A0 80 00 00 0A 01A6 000A 1705 0A01 0000
Rx: 02 A6 00 16 17 05 0E 04 00 0B 61 6B 61 40 64 6F 74 2E 63 6F 6D 00 90 00
//===========================================
// Test #5 : Full Authentication + ReAUTH_ID=
//===========================================
// AT_RAND AT_AUTN AT_ENCR AT_MAC
// AT_ENCR: 82090000 8505000D 31323334 31323334 31323334 31000000 06030000 00000000 00000000
Tx: A0 80 00 00 7A 01A5 007A 1701 01050000 23553cbe 9637a89d 218ae64d ae47bf35
02050000 55F328B43577 b9b9 4A9FFAC354DFAFB3
81050000 12345678 12345678 12345678 12345678
82090000 49e8e4be4245261189afe3a1e913953f4a966dbe53d621a8cc771072da7b1964
0B050000 ac4da101ef7450f5285700655dc6c6d0
// AT_RES AT_MAC
Rx: 02A5 0026 1701 03030040 A54211D5 E3BA50BF 0B050000 D6859267FC560146EB637FD8660942
// GET AT_ANY_ID_REQ: '1234123412341'
Tx: A0 80 00 00 0A 01A6 000A 1705 0D01 0000
Rx: 02 A6 00 1A 17 05 0E 05 00 0D 31 32 33 34 31 32 33 34 31 32 33 34 31 00 00 00 90 00
//===============================
// Test #6: ReAUTH + GoodCounter=
//===============================
// XKEY' = SHA1(Identity|counter|NONCE_S|MK)
// Identity = "31323334 31323334 31323334 31"
// Counter= "0000" +
// NONCE= "12345678 12345678 12345678 12345678"
// MK = "BE1298C0B5338C91D6E11B33AE7D462DE29964640CF505FF26AED598822D41F9"
// "20AF49FDCB77008C2AACDBA3A1AE7975208C25E540175D22D5480CDE88D79033"
// XKEY'= 5f83882b27d5793c01a512f5ed300e6759e64974
// PRF(XKEY') = 7a9d9d7e5ca72ef90b63cc466c4a9d0d6a6a5506a56f978d2adea27db5176c3f
// 3abe04e06673ca3e58c85e6fd01f7cef9bd210a143917e90978aaf3eb4539747
// AT_IV AT_ENCR AT_MAC
// ENCR: 82090000 13010000 15050000 12345678 12345678 12345678 12345678 85020004 31323334
Tx: A0 80 00 00 52 01A5 0052 170D 81050000 12345678 12345678 12345678 12345678
82090000 5a88776e7dcb10737d3d3ab76a380b8995263616453079a49f7dc97f15596b2c
0B050000 bbb04ed146da523ee632d1cf6e50f97d
// AT_ENCR AT_COUNTER AT_NONCE_S AT_NEXT_REAUTH_ID
// AT_ENCR: 82090000 13010000 15050000 12345678 12345678 12345678 12345678 85020004 31323334
Rx: 02 A5 00 52 17 0D 81 05 00 00 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 82 09 00 00 FE 69
18 6B AA E2 DE 0E A6 1B 0A A3 18 B2 1F 51 50 60 BA 59 0C 6C A9 84 0E 6D 6A 66 C2 34 0F E6 0B 05
00 00 01 09 00 41 14 23 A6 A3 78 3B 98 E6 ED C5 EF C6 90 00
// Get MSK
Tx: A0 A6 00 00 40
Rx: 3A BE 04 E0 66 73 CA 3E 58 C8 5E 6F D0 1F 7C EF
9B D2 10 A1 43 91 7E 90 97 8A AF 3E B4 53 97 47
7A 9D 9D 7E 5C A7 2E F9 0B 63 CC 46 6C 4A 9D 0D
6A 6A 55 06 A5 6F 97 8D 2A DE A2 7D B5 17 6C 3F
//==============================
// Test #7: ReAUTH,WrongCounter=
//==============================
// AT_IV AT_ENCR AT_MAC
// AT_ENCR: 82090000 13010000 15050000 12345678 12345678 12345678 12345678 85020004 31323334
Tx: A0 80 00 00 52 01A5 0052 170D 81050000 12345678 12345678 12345678 12345678
82090000 5a88776e7dcb10737d3d3ab76a380b8995263616453079a49f7dc97f15596b2c
0B050000 bbb04ed146da523ee632d1cf6e50f97d
// AT_ENCR AT_COUNTER_TOO_SMALL AT_COUNTER AT_PADDING
// AT_ENCR: 82050000 14010000 13010000 06020000 00000000
Rx: 02 A5 00 42 17 0D 81 05 00 00 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 A5 82 05 00 00 76 74
0A 5C AD 91 64 CD EB 1F C3 A5 6A 63 38 E7 0B 05 00 00 4C F3 CC 2F 47 7A 3B 24 C1 28 92 04 3F 91
59 E7 90 00
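Added example (not part of the original message or of the draft's code): a Python sketch that parses the EAP-AKA packets of Test #1 and Test #2 above and unmasks the sequence number carried in AT_AUTN and AT_AUTS with the f5 / f5* values from the Milenage block. Function names are illustrative; the byte strings are copied from the message, and attributes are parsed from offset 6 because that is how these vectors are laid out.

```python
AT_RAND, AT_AUTN, AT_AUTS, AT_MAC = 0x01, 0x02, 0x04, 0x0B

# Bytes copied from the message: Test #1 Tx, Test #2 Rx, and f5 / f5* (ak, ak2).
TEST1_TX = bytes.fromhex(
    "A0 80 00 00 42 01A5 0042 1701 01050000 23553cbe 9637a89d 218ae64d ae47bf35"
    "02050000 55F328B43577 b9b9 4A9FFAC354DFAFB3"
    "0B050000 F262DECDCC1302CB4B527672E251422C")
TEST2_RX = bytes.fromhex("02A5 0016 1704 0404 BA853F3C1233 01CFAF9EC4E871E9")
AK, AK2 = bytes.fromhex("AA689C648370"), bytes.fromhex("451E8BECA43B")

def apdu_payload(apdu):
    """Strip CLA INS P1 P2 Lc from a command APDU after checking Lc."""
    if len(apdu) < 5 or apdu[4] != len(apdu) - 5:
        raise ValueError("Lc does not match payload length")
    return apdu[5:]

def parse_eap_aka(pkt):
    """Return (code, identifier, subtype, {attribute type: value bytes})."""
    if len(pkt) < 6 or pkt[4] != 0x17 or int.from_bytes(pkt[2:4], "big") != len(pkt):
        raise ValueError("bad EAP-AKA header")
    # In these vectors the attributes follow the subtype byte directly
    # (offset 6); RFC 4187 packets carry two reserved bytes first.
    attrs, off = {}, 6
    while off < len(pkt):
        if off + 2 > len(pkt) or pkt[off + 1] == 0 or off + 4 * pkt[off + 1] > len(pkt):
            raise ValueError("attribute overruns packet")
        attrs[pkt[off]] = pkt[off + 2:off + 4 * pkt[off + 1]]  # length is in 4-byte words
        off += 4 * pkt[off + 1]
    return pkt[0], pkt[1], pkt[5], attrs

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def split_autn(attrs, ak):
    """AUTN = (SQN xor AK) | AMF | MAC-A; returns (SQN, AMF, MAC-A)."""
    autn = attrs[AT_AUTN][2:]  # skip the 2 reserved bytes of AT_AUTN
    if len(autn) != 16:
        raise ValueError("AUTN must be 16 bytes")
    return xor(autn[:6], ak), autn[6:8], autn[8:]

def split_auts(attrs, ak_star):
    """AUTS = (SQN_MS xor AK*) | MAC-S; returns (SQN_MS, MAC-S)."""
    auts = attrs[AT_AUTS]  # AT_AUTS carries no reserved bytes
    if len(auts) != 14:
        raise ValueError("AUTS must be 14 bytes")
    return xor(auts[:6], ak_star), auts[6:]
```

On these vectors the SQN recovered from AT_AUTN is ff9bb4d0b607 and the one recovered from AT_AUTS is ff9bb4d0b608, matching the SQN and SEQ comments in the message.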