| EAP-SIM, GSM Subscriber Identity Modules |
| Description | Glossary | RFCs | Publications | Obsolete RFCs |
| Protocol suite: | |
| Type: | EAP subprotocol. |
| Base protocol: | EAP, PPP Extensible Authentication Protocol. |
| EAP type: | 18. |
| SNMP MIBs: | |
| Working groups: | |
| Links: |
An EAP mechanism for authentication and session key distribution using the (GSM) Global System for Mobile Communications (SIM) Subscriber Identity Module. This mechanism specifies enhancements to GSM authentication and key agreement whereby multiple authentication triplets can be combined to create authentication responses and session keys of greater strength than the individual GSM triplets. The mechanism also includes network authentication, user anonymity support, result indications, and a fast re-authentication procedure.
Fast re-authentication.
An EAP-SIM authentication exchange that is based on keys derived upon a preceding full authentication exchange.
The GSM authentication and key exchange algorithms are not used in the fast re-authentication procedure.
Fast re-authentication Identity.
A fast re-authentication identity of the peer, including an NAI realm
portion in environments where a realm is used.
Used on fast re-authentication only.
Fast re-authentication username.
The username portion of fast re-authentication identity, i.e., not including any realm portions.
Full authentication An EAP-SIM authentication exchange based on the GSM authentication and key agreement algorithms.
GSM triplet.
The tuple formed by the three GSM authentication values RAND, Kc, and SRES.
IMSI, International Mobile Subscriber Identifier.
Used in GSM to identify subscribers.
MAC, Message Authentication Code.
NAI, Network Access Identifier.
nonce.
A value that is used at most once or that is never repeated within the same cryptographic context.
In general, a nonce can be predictable (e.g., a counter) or unpredictable (e.g., a random value).
Since some cryptographic properties may
depend on the randomness of the nonce, attention should be paid to whether a nonce is required to be random or not.
Permanent identity.
The permanent identity of the peer, including an NAI realm portion in environments where a realm is used.
The permanent identity is usually based on the IMSI.
Used on full authentication only.
Permanent username.
The username portion of permanent identity, i.e., not including any realm portions.
Pseudonym identity.
A pseudonym identity of the peer, including an NAI realm portion in environments where a realm is used.
Used on full authentication only.
Pseudonym username.
The username portion of pseudonym identity, i.e., not including any realm portions.
SIM, Subscriber Identity Module.
Traditionally a smart card distributed by a GSM operator.
RFCs:
[RFC 4186] Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM).
| Description | Glossary | RFCs | Publications | Obsolete RFCs |