Authentication Failure
Authentication Failure is mostly related to wrong AUTN value in Authentication Request message. There are three main parameters including AUTN value and these main parameter would cause three different failure cause as follows.
|
Parameter |
Failure Code |
|
MAC Code |
#20:MAC failure (Example) |
|
Separation Bit (First bit of AMF) |
#26:Non-EPS authentication unacceptable (Example) |
|
SQN |
#21:Synch failure (Example) |
Following example is for Invalid MAC Code and this test is based on the following test USIM. This test USIM uses 3GPP Test Algorithm specifed in 34.108
Correct Parameters :
SQN=000000000000
AMF=8000
K= 00112233445566778899AABBCCDDEEFF
--------------------------------------------
RAND=31323131353836343132313135383634
IK= 1302716D5043B9AB9B8AF9E5D8CB3123
CK= 231302716D5043B9AB9B8AF9E5D8CB31
AUTN=02716D5043B9800031231302716DD043
Invalid Parameters used for Test :
SQN=FFFFFFFFFFFF
AMF=8000
K= 00112233445566778899AABBCCDDEEFF
--------------------------------------------
RAND=31323131353836343132313135383634
IK= 1302716D5043B9AB9B8AF9E5D8CB3123
CK= 231302716D5043B9AB9B8AF9E5D8CB31
AUTN=FD8E92AFBC458000CEDCECFD8E92D043
|
Step |
Direction |
Message |
|
1 |
UE <- NW |
Authentication Request |
|
2 |
UE -> NW |
Authentication Failure |
1) Authentication Request
DL-DCCH-Message
message: c1 (0)
c1: dlInformationTransfer (1)
dlInformationTransfer
rrc-TransactionIdentifier: 0
criticalExtensions: c1 (0)
c1: dlInformationTransfer-r8 (0)
dlInformationTransfer-r8
dedicatedInfoType: dedicatedInfoNAS (0)
dedicatedInfoNAS: 0752033132313135383634313231313538363410fd8e92af...
Non-Access-Stratum (NAS)PDU
0000 .... = Security header type: Plain NAS message, not security protected (0)
.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)
NAS EPS Mobility Management Message Type: Authentication request (0x52)
0000 .... = Spare half octet: 0
.... 0... = Type of security context flag (TSC): Native security context
(for KSIasme)
.... .011 = NAS key set identifier: (3) ASME
Authentication Parameter RAND - EPS challenge
RAND value: 31323131353836343132313135383634
Authentication Parameter AUTN (UMTS and EPS authentication challenge)
- EPS challenge
Length: 16
AUTN value: fd8e92afbc458000cedcecfd8e92d043
SQN xor AK: fd8e92afbc45
AMF: 8000
MAC: cedcecfd8e92d043
2) Authentication Failure
UL-DCCH-Message
message: c1 (0)
c1: ulInformationTransfer (9)
ulInformationTransfer
criticalExtensions: c1 (0)
c1: ulInformationTransfer-r8 (0)
ulInformationTransfer-r8
dedicatedInfoType: dedicatedInfoNAS (0)
dedicatedInfoNAS: 1792f6a1a905075c14
Non-Access-Stratum (NAS)PDU
0001 .... = Security header type: Integrity protected (1)
.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)
Message authentication code: 0x92f6a1a9
Sequence number: 5
0000 .... = Security header type: Plain NAS message, not security protected (0)
.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)
NAS EPS Mobility Management Message Type: Authentication failure (0x5c)
EMM cause
Cause: MAC failure (20)
Example : Invalid Separation Bit
Following example is for Invalid MAC Code and this test is based on the following test USIM. This test USIM uses 3GPP Test Algorithm specifed in 34.108
Correct Parameters :
SQN=000000000000
AMF=8000
K= 00112233445566778899AABBCCDDEEFF
--------------------------------------------
RAND=31323131353836343132313135383634
IK= 1302716D5043B9AB9B8AF9E5D8CB3123
CK= 231302716D5043B9AB9B8AF9E5D8CB31
AUTN=02716D5043B9800031231302716DD043
Invalid Parameters used for Test :
SQN=000000000000
AMF=0000
K= 00112233445566778899AABBCCDDEEFF
--------------------------------------------
RAND=31323131353836343132313135383634
IK=1302716D5043B9AB9B8AF9E5D8CB3123
CK=231302716D5043B9AB9B8AF9E5D8CB31
AUTN=02716D5043B9000031231302716D5043
|
Step |
Direction |
Message |
|
1 |
UE <- NW |
Authentication Request |
|
2 |
UE -> NW |
Authentication Failure |
1) Authentication Request
DL-DCCH-Message
message: c1 (0)
c1: dlInformationTransfer (1)
dlInformationTransfer
rrc-TransactionIdentifier: 0
criticalExtensions: c1 (0)
c1: dlInformationTransfer-r8 (0)
dlInformationTransfer-r8
dedicatedInfoType: dedicatedInfoNAS (0)
dedicatedInfoNAS: 075200313231313538363431323131353836341002716d50...
Non-Access-Stratum (NAS)PDU
0000 .... = Security header type: Plain NAS message, not security protected (0)
.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)
NAS EPS Mobility Management Message Type: Authentication request (0x52)
0000 .... = Spare half octet: 0
.... 0... = Type of security context flag (TSC): Native security context (
for KSIasme)
.... .000 = NAS key set identifier: (0) ASME
Authentication Parameter RAND - EPS challenge
RAND value: 31323131353836343132313135383634
Authentication Parameter AUTN (UMTS and EPS authentication challenge)
- EPS challenge
Length: 16
AUTN value: 02716d5043b9000031231302716d5043
SQN xor AK: 02716d5043b9
AMF: 0000
MAC: 31231302716d5043
2) Authentication Failure
UL-DCCH-Message
message: c1 (0)
c1: ulInformationTransfer (9)
ulInformationTransfer
criticalExtensions: c1 (0)
c1: ulInformationTransfer-r8 (0)
ulInformationTransfer-r8
dedicatedInfoType: dedicatedInfoNAS (0)
dedicatedInfoNAS: 075c1a
Non-Access-Stratum (NAS)PDU
0000 .... = Security header type: Plain NAS message, not security protected (0)
.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)
NAS EPS Mobility Management Message Type: Authentication failure (0x5c)
EMM cause
Cause: Non-EPS authentication unacceptable (26)