Project

General

Profile

Actions
Copy link

Bug #6396

closed

add support for auth failure with resync

Added by lynxis 4 months ago. Updated 18 days ago.

Status:
Resolved
Priority:
Normal
Assignee:
lynxis
Target version:
-
Start date:
03/08/2024
Due date:
% Done:

100%

Description

When a phone connects and the sim sequence numbers are out of sync, the authentication will fail
and the phone will additional supply Rand and Auts in the failure message.
Similar to the 3gpp rat.
The sgsn already has a test for this TC_attach_usim_resync.

To reproduce it with a real phone, you could decrease the sequence number in the hss. (AFAIR it is a sliding window, reducing the sequence number by 1 might not be enough).

UE - strongswan

   <- Auth req
   -> Auth failure (reason resync, auts, rand)
 (HLR will update the sequence numbers)
   <- Auth req
   -> Auth succeed.
Actions
Copy link
 #2

Updated by lynxis 4 months ago

  • Description updated (diff)
Actions
Copy link
 #3

Updated by lynxis 4 months ago

  • Description updated (diff)
strongswan - osmo-epdg - HSS
 GUSP Auth Req ->
                     MAR ->
                      <- MAA
 <- GSUP Auth Response
 -> GSUP Auth Req (Auts, Rand)
                     MAR (Sip Authorization (Rand+Auts) ->
                     (HSS update sequence numbers)
                     <- MAA
 <- GSUP Auth Response
Actions
Copy link
 #4

Updated by lynxis 4 months ago

  • Description updated (diff)
Actions
Copy link
 #5

Updated by laforge 4 months ago

  • Subject changed from add support for sim failure with resync to add support for auth failure with resync
Actions
Copy link
 #6

Updated by laforge 4 months ago

  • Assignee set to lynxis
Actions
Copy link
 #7

Updated by pespin 4 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 50

Tested here:
https://gerrit.osmocom.org/c/osmo-ttcn3-hacks/+/36218 epdg: Introduce test TC_authinfo_fail_resync

Implemented in osmo-epdg here:
https://gerrit.osmocom.org/c/erlang/osmo-epdg/+/36217 Implement sim auth resync

Leaving it assigned to lynxis for review and also to let him impelement/test it against strongswan.

Actions
Copy link
 #8

Updated by pespin 4 months ago

I merged the patch and updated epdg.osmocom.org with new osmo-epdg master.

Actions
Copy link
 #9

Updated by laforge 18 days ago

  • Status changed from Feedback to Resolved
  • % Done changed from 50 to 100
Actions
Copy link

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 48.8 MB)