EAP-SIM ========= .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is Expansion of EAP-SIM?** EAP-SIM stands for *Extensible Authentication Protocol – Subscriber Identity Module*. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is EAP-SIM?** EAP-SIM is an authentication method that uses credentials stored on a GSM SIM card to authenticate users to a network using the EAP framework. It enables integration between GSM networks and IP-based access networks like Wi-Fi. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Why is EAP-SIM useful?** * Enables seamless authentication using existing SIM credentials. * Eliminates the need for passwords or digital certificates. * Ideal for public Wi-Fi offloading and carrier-grade wireless access. * Offers mutual authentication and key generation. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **How it works?** * The server sends a set of GSM triplets (RAND, AUTN). * The SIM card computes response (SRES) and encryption key (Kc). * Authentication is achieved by comparing server and client responses. * Session keys (MSK/EMSK) are derived after successful authentication. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Where is EAP-SIM used?** * Public Wi-Fi hotspots with SIM-based login. * Carrier Wi-Fi offload systems. * 3GPP I-WLAN environments. * Enterprise WLANs integrating GSM authentication. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which OSI layer does this protocol belong to?** * Application Layer (Layer 7) in the OSI model. * EAP messages are transported over lower-layer protocols like EAPOL or RADIUS. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **IS EAP-SIM Windows specific?** * No, EAP-SIM is not Windows-specific. * Support depends on the supplicant and device hardware (e.g., SIM reader). .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **IS EAP-SIM Linux Specific?** * No, it is not Linux-specific. * Commonly supported in Linux via `wpa_supplicant` and FreeRADIUS. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which Transport Protocol is used by EAP-SIM?** * Backend protocols: * RADIUS (UDP) * Diameter (TCP/SCTP) * EAP-SIM itself rides over EAP which can be transported via EAPOL or PPP. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which Port is used by EAP-SIM?** * RADIUS (UDP): Port 1812 (Authentication) * Diameter (TCP/SCTP): Port 3868 .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Is EAP-SIM using Client server model?** * Yes. * Client: Mobile device with SIM * Server: Authentication server (e.g., RADIUS) integrated with HLR/HSS .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Whether EAP-SIM protocol uses certificates?** * No. * It relies on GSM authentication using SIM triplets (RAND, SRES, Kc). .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **How many frame exchanges are seen during connection for EAP-SIM protocol?** * Typically involves 5 to 7 EAP message exchanges, depending on the flow and optional notifications. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Whether EAP-SIM Protocol uses client certificates?** * No, it uses the SIM card for authentication. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Whether EAP-SIM Protocol uses Server Certificates?** * No, server authentication is handled through MAC-based mutual authentication using SIM secrets. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **IS EAP-SIM Protocol depends on TCP?** * Not directly. * If Diameter is used as the backend, TCP or SCTP may be involved. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **IS EAP-SIM Protocol depends on UDP?** * Yes, when RADIUS is used for backend communication, it depends on UDP. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What are the roles involved when testing EAP-SIM Protocol?** * Supplicant (e.g., mobile device with SIM) * Authenticator (e.g., Access Point) * Authentication Server (e.g., FreeRADIUS) * SIM backend (e.g., HLR, HSS or GSM authentication simulator) .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Does EAP-SIM Protocol work with free radius server on Linux?** * Yes, FreeRADIUS supports EAP-SIM. * Configuration may require a GSM authentication plugin or proxy to HLR. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Does EAP-SIM Protocol work with Internal radius server of hostapd?** * No, the internal RADIUS server in hostapd does not support EAP-SIM. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is the RFC version use for EAP-SIM Protocol?** * **RFC 4186** .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **During Connection Procedure which EPoL Packets are encrypted?** * EAPOL packets are not encrypted at Layer 2. * Integrity is maintained through cryptographic MACs using session keys. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Can you Explain different stages of Connection Procedure for EAP-SIM Protocol?** * **Stage 1:** EAP Identity exchange. * **Stage 2:** Server sends RAND challenges and identities. * **Stage 3:** SIM computes SRES/Kc and replies with responses and MAC. * **Stage 4:** Server validates responses using GSM triplets. * **Stage 5:** Both sides derive session keys (MSK, EMSK). * **Stage 6:** EAP Success message is sent. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is the final output of Connection Procedure?** * Generation of **MSK (Master Session Key)** and **EMSK** for secure communication. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is the format of the key generate after the connection procedure?** * MSK: 64 bytes (512 bits) * EMSK: 64 bytes (512 bits), optional usage. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Where the use of PMK generated by the Connection Procedure?** * PMK is derived from MSK. * It is used in the 4-way WPA2 handshake to generate PTK for encrypting wireless data. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow Topics in this section, * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`EAP_SIM Version&IEEE Details ` * :ref:`EAP_SIM Basic Setup on Ubuntu ` * :ref:`EAP_SIM Protocol Packet Details ` * :ref:`EAP_SIM Usecases ` * :ref:`EAP_SIM Basic Features ` * :ref:`Reference links ` .. _EAP_SIM_step1: .. tab-set:: .. tab-item:: Learnings in this section * In this section, you are going to learn .. _EAP_SIM_step2: .. tab-set:: .. tab-item:: Terminology * Terminology .. _EAP_SIM_step3: .. tab-set:: .. tab-item:: Version Info * Version Info .. _EAP_SIM_step5: .. tab-set:: .. tab-item:: EAP_SIM Version&RFC Details * rfc details .. _EAP_SIM_step18: .. tab-set:: .. tab-item:: EAP_SIM Basic Setup on Ubuntu * setup .. _EAP_SIM_step6: .. tab-set:: .. tab-item:: EAP_SIM Protocol Packet Details * packet details .. _EAP_SIM_step7: .. tab-set:: .. tab-item:: EAP_SIM Usecases * usecases .. _EAP_SIM_step8: .. tab-set:: .. tab-item:: EAP_SIM Basic Features * features .. _EAP_SIM_step17: .. tab-set:: .. tab-item:: Reference links * Reference links