Project

General

Profile

Feature #1956

UMTS AKA support in OsmoSGSN

Added by neels about 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
-
Target version:
-
Start date:
02/20/2017
Due date:
% Done:

100%

Spec Reference:

Description

Implement UMTS authentication for OsmoSGSN.
Talk to OsmoHLR to fetch UMTS auth tuples with AUTN and RES
and do AUTS sequence resync (think milenage).


Related issues

Related to OsmoNITB - Feature #1593: UMTS AKA supportClosed02/23/2016

Related to OsmoSGSN - Feature #1959: SGSN: write regression tests for AuthenticationClosed02/24/2017

Associated revisions

Revision 058cd573 (diff)
Added by neels about 4 years ago

SGSN: Integrate support for UMTS AKA

The general infrastructure for UMTS AKA is already in place:
  • GSUP with capability to send us auth_vectors that contain
    either triplets or quintuples
  • mm_context that holds such auth_vectors
Add:
  • capability to send UMTS AUTN in GMM AUTH REQ
  • parse extended UMTS RES
  • on auth response, validate expected AKA with vector and received res/sres
  • add Auth Failure message to receive resync AUTS token and * send to HLR * clear out-of-sync auth tuple * enter new state for when we're waiting for HLR to resync and send new
    tuples so that the next Auth Request will be handled

Original first half of this patch by: Harald Welte <>

Full UMTS AKA procedure including AUTS resync tested to work against OsmoHLR
with R99 USIM and Milenage algorithm.

The sgsn_test.c needs adjustment because we're checking the vector's auth_types
now.

Depends: libosmocore change-ids
I277fb3d407396dffa5c07a9c5454d87a415d393f
If943731a78089f0aac3d55245de80596d01314a4
Related: OS#1956
Change-Id: Ie6a0cefba5e4e7f02cc2eaf6ec006ac07d5c1816

Revision 4eec3df9 (diff)
Added by neels about 4 years ago

SGSN: Integrate support for UMTS AKA

The general infrastructure for UMTS AKA is already in place:
  • GSUP with capability to send us auth_vectors that contain
    either triplets or quintuples
  • mm_context that holds such auth_vectors
Add:
  • capability to send UMTS AUTN in GMM AUTH REQ
  • parse extended UMTS RES
  • on auth response, validate expected AKA with vector and received res/sres
  • add Auth Failure message to receive resync AUTS token and * send to HLR * clear out-of-sync auth tuple * enter new state for when we're waiting for HLR to resync and send new
    tuples so that the next Auth Request will be handled

Original first half of this patch by: Harald Welte <>

Full UMTS AKA procedure including AUTS resync tested to work against OsmoHLR
with R99 USIM and Milenage algorithm.

The sgsn_test.c needs adjustment because we're checking the vector's auth_types
now.

Depends: libosmocore change-ids
I277fb3d407396dffa5c07a9c5454d87a415d393f
If943731a78089f0aac3d55245de80596d01314a4
Related: OS#1956
Change-Id: Ie6a0cefba5e4e7f02cc2eaf6ec006ac07d5c1816

History

#1 Updated by neels about 4 years ago

  • Status changed from New to In Progress
  • Assignee set to neels
  • % Done changed from 0 to 70

Mostly done in https://gerrit.osmocom.org/1683 but AUTS resync is still in progress.

#2 Updated by neels about 4 years ago

#3 Updated by neels about 4 years ago

AUTS resync implemented, but not tested yet

#4 Updated by neels about 4 years ago

Note: the System information Type 13 indicates whether the network is capable of R99.
3GPP TS 44.018 9.1.43a 'System information Type 13' and 10.5.2.37b 'SI 13 Rest Octets'

SGSNR, SGSN Release (1 bit field)
0 SGSN is Release '98 or older
1 SGSN is Release '99 onwards

Looking at our code, we apparently already send this as "R99":
openbsc/openbsc/src/libbsc/rest_octets.c

                /* claim our SGSN is compatible with Release 99, as EDGE and EGPRS
                 * was only added in this Release */
                bitvec_set_bit(&bv, 1);

confirmed by wireshark trace.

So nothing to do here.

#5 Updated by neels about 4 years ago

  • Related to Feature #1959: SGSN: write regression tests for Authentication added

#6 Updated by neels about 4 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 70 to 100

UMTS AKA is now fully implemented in the SGSN https://gerrit.osmocom.org/1683.
Tested and works with real equipment (R99 MS in GSM doing full UMTS AKA).
It could also use some unit testing: #1959

#7 Updated by laforge about 4 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)