Smartphone Authenticator (AP)
| 0. EAPOL Start |
+--------------------------------------------------------->|
| |
| 1. EAP Request/Identity |
|<---------------------------------------------------------+
| |
| 2. EAP Response/Identity (IMSI) [later X] |
+--------------------------------------------------------->|
| |
| 3. EAP Request/SIM/Start (VERSION_LIST) |
|<---------------------------------------------------------+
| | MNO
| 4. EAP Response/SIM/Start (NONCE, SELECTED_VERSION) | |
+--------------------------------------------------------->| |
| | N times |
| |5. (IMSI) |
| +------------------>|
| | (RAND,SRES,Kc) |
| |<------------------+
| | |
| |
|6. N times EAP Request/SIM/Challenge (RAND,H(RAND),[X]Kc*)|
|<---------------------------------------------------------+
+-----+--------------------------------+ |
|7. run GSM algorithms, verify H(RAND) | |
|with NONCE, derive sess. key Kc*, | |
|decrypt and save pseudonym X with Kc* | |
+-----+--------------------------------+ |
| |
|8. EAP Response/SIM/Challenge (H(SRES)) |
+--------------------------------------------------------->|
| +-----+--------+
| | compare with |
| | own SRES |
| +-----+--------+
| 9. EAP Success |
|<---------------------------------------------------------+
| |