|EAP-SIM, GSM Subscriber Identity Modules|
|Base protocol:||EAP, PPP Extensible Authentication Protocol.|
An EAP mechanism for authentication and session key distribution using the (GSM) Global System for Mobile Communications (SIM) Subscriber Identity Module. This mechanism specifies enhancements to GSM authentication and key agreement whereby multiple authentication triplets can be combined to create authentication responses and session keys of greater strength than the individual GSM triplets. The mechanism also includes network authentication, user anonymity support, result indications, and a fast re-authentication procedure.
An EAP-SIM authentication exchange that is based on keys derived upon a preceding full authentication exchange. The GSM authentication and key exchange algorithms are not used in the fast re-authentication procedure.
Fast re-authentication Identity.
A fast re-authentication identity of the peer, including an NAI realm portion in environments where a realm is used. Used on fast re-authentication only.
Fast re-authentication username.
The username portion of fast re-authentication identity, i.e., not including any realm portions. Full authentication An EAP-SIM authentication exchange based on the GSM authentication and key agreement algorithms.
The tuple formed by the three GSM authentication values RAND, Kc, and SRES.
IMSI, International Mobile Subscriber Identifier.
Used in GSM to identify subscribers.
MAC, Message Authentication Code.
NAI, Network Access Identifier.
A value that is used at most once or that is never repeated within the same cryptographic context. In general, a nonce can be predictable (e.g., a counter) or unpredictable (e.g., a random value). Since some cryptographic properties may depend on the randomness of the nonce, attention should be paid to whether a nonce is required to be random or not.
The permanent identity of the peer, including an NAI realm portion in environments where a realm is used. The permanent identity is usually based on the IMSI. Used on full authentication only.
The username portion of permanent identity, i.e., not including any realm portions.
A pseudonym identity of the peer, including an NAI realm portion in environments where a realm is used. Used on full authentication only.
The username portion of pseudonym identity, i.e., not including any realm portions.
SIM, Subscriber Identity Module.
Traditionally a smart card distributed by a GSM operator.
[RFC 4186] Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM).