[sim-auth PATCH 4/5] Add doc/gba-authentication.txt

From: Pekka Pessi <Pekka.Pessi(a)nokia.com&gt; --- doc/gba-authentication.txt | 70 ++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 70 insertions(+), 0 deletions(-) create mode 100644 doc/gba-authentication.txt diff --git a/doc/gba-authentication.txt b/doc/gba-authentication.txt new file mode 100644 index 0000000..4c88ace --- /dev/null +++ b/doc/gba-authentication.txt @@ -0,0 +1,70 @@ +GBA Authentication +================== + + GBA authentication uses SIM card to establish a unique + identity and a shared secret for a network service. The + shared secret is computed from the domain name of the + service and a special boostrap key, Ks. + + GBA is used to authenticate the mobile with the IMS XCAP + servers. + + The mobile obtains the bootstrap key and a temporary + identity used with network services from a special + boostraps bootstrap server, BSF. Mobile authenticates + itself with BSF using AKA authentication and the BSF + returns it the identity to use with network services + (known as NAF). The bootstrap key is formed from the AKA + authentication results, too. + + In the initial phase the client will send its user + identity, the IP Multimedia Private Identity (IMPI) to + the BSF server. The BSF server fetches an AKA challenge + from operator's subscriber database along with correct + response: RAND, AUTN, XRES, CK and IK. Server returns + the AKA challenge RAND and AUTN to mobile. + + The client uses SIM to calculate the AKA RES, CK and IK + from the challenge, and uses RES to generate AKA Digest + credentials sent back to the bootstrap server. + + The bootstrapping server verifies the response using + XRES, and if accepted, it will return an XML document + containing the bootstrapping transaction identifier + (B-TID) and the lifetime of the KS_NAF keys. + + The CK and IK parameters from AKA authentication are + used for Ks. The Ks can now be used to derive unique + key for each NSF service. + + For further reference on GBA, see 3GPP TS 33.220 + and 3GPP TS 24.109. + +GBA Variants +------------ + + There are three different GBA variants: 2G GBA, GBA_ME + and GBA_U. The variant is selected based on SIM card + capabilities.The 2G GBA is used if there is no 3G USIM + available. The GBA_ME is used if there is USIM or ISIM + application on SIM card (also known as UICC), but there + is no support for GBA service. + + In the GBA_ME variant the Ks key is stored outside SIM + card. It is implemented using ordinary AKA + authentication. + + In the 2G variant, there is no AKA authentication, but + it is rather simulated using 2G A8 SIM authentication + algorithm. The 2G variant is described in the 3GPP + 33.220 Annex I. + + The UICC-based GBA variant, GBA_U, keeps the Ks key + stored on the SIM card (UICC) and lets the SIM card + calculate the NAF keys. + + Note that the device cannot downgrade the protocol: + subscriber database has recorded if the SIM card + supports GBA_U andthe information is included in the AKA + challenge. The SIM card will reject a GBA_U-related AKA + challenge if it is used with ordinary AKA service. -- 1.7.1