landslide troubleshooting: how to debug 3/4/5G authentication "MAC failure" or "sync failure" issue


Doc ID    SOL14108
Version:    1.0
Status:    Published
Published date:    07/17/2019
 

Objective/Summary


      In case of 3/4/5G authentication failure,most likely, the authentication request message would be rejected by UE/landslide due to MAC value mismatch, it could be caused by mismatched OP/OPc value or secret key, but due to the AES encryption used in milenage algorithm, it's hard to tell why MAC was mismatched.
This program allows you to compute the MAC,RES, AUTS values manually based on the OP/OPc, secret key you input, so that you can use the computed value for cross reference and figure out who did wrong during authentication.
The C code used for milenage algorightm computation in this program is from 3GPP TS 35.206, so it's trustable. The program also has an option to print out the c source code and the constant value C1-C5,R1-R5 defined in 35.206 and used in this program.
And there is some other case, though OP/OPc/secret key are configured correctly and MAC/RES verification is successful, the UE/landslide still rejects the authentication request due to the sequence number used by HSS/network is not in the correct range acceptable to UE, in that case, UE/landslide would send back "sync failure" with AUTS value including a new sequence nubmer (SQNms) encrypted by AK* and a new MAC-S value.
This program also allows you to manually calculate the AK* and MAC-S based on your input of SQNms, or simply retrieve the SQNms based on the AUTS value you find in the message sent by UE/Landslide.

Environment/Versions

Landslide authentication test with 3G/4G/5G core network.

Procedure

How to debug "mac failure" issue:
    According to spec, the MAC is computed by the f1 function defined in 35.206 based on the OP(or OPc), secret key,rand,SQN,AMF and C1,R1. C1 and R1 are constants and most vendors use the same value as in spec, and SQN and AMF could be retrieved from the AUTN value sent by core network, Rand value could be found in authentication request message as well, so the main parameters that usually causes discrepancy are the OP/OPc and secret key. You can run the attached program and manually input those values to calculate the MAC value, see whether the MAC in the message is expected.
1. put the attached executable file "milenage" onto any landslide TAS or test server by ftp or any other way.
2. run command "chmod 755 milenage" to make it executable.
3. run "./milenage" to execute this program.
4. you'll see a menu like below:
5. select 1 to compute MAC based on OP, or 2 to calculate it based on OPc.
6. input all necessary values of OP/OPc, secret key you found in configuration, Rand and AUTN you found in message, then you'll get the mac computed by this program. see below example:
 sample message in pcap:
input and output of program:
Please select the menu by input number 1-4:1
please input hex value of secret key(no space allowed):12345600000000000000000000000000
please input hex value of op(no space allowed):0102030405060708090a0b0c0d0e1111
please input hex value of rand(no space allowed):0100000000000000f92ea516d87d7de0
please input hex value of AUTN(no space allowed):b3e1413492028000ec47a841a698194f

The SQN_XOR_AK from network should be first 6 bytes of AUTN, which is (0x): b3e141349202
The AMF from network should be the 7th and 8th byte of AUTN, which is (0x): 8000
The MAC-A from network should be the last 8 bytes of AUTN, which is   (0x): ec47a841a698194f
Based on the above provided parameters:
The OPc is computed by encryption of OP value using secret key,then XOR with OP.
So the OPc in this case should be                            (0x):1912d20ce43eedd767facf57e8646918
The AK computed by f2 function in 3gpp 35.206 should be      (0x):b3e1413e4212
The SQN computed by AK XOR SQN_XOR_AK should be              (0x):0000000ad010
The CK computed by F3 function in 3gpp 35.206 should be      (0x):4cf93c6e9c7356eb427d773ea742fde8
The IK computed by F4 function in 3gpp 35.206 should be      (0x):f1b29791b81f09bef478226be18e2732
The RES computed by F2 function in 3gpp 35.206 should be     (0x):5066e1aef7843f7d
the mac-a computed by f1 function in 3gpp 35.206 should be   (0x):ec47a841a698194f
The MAC-A retrieved from AUTN is                             (0x):ec47a841a698194f

The computed mac_a and retrieved mac_a from AUTN are matched
 
7. you can also use the above computed RES value by program to check whether the RES value sent back to core network is correct or not.
   
how to debug "sync failure" issue:
    In case of "sync failure", most likely, the UE/landslide rejects the authentication request due to the sequence number used by HSS/network is not in the correct range acceptable to UE, therefore, UE/landslide would send back "sync failure" with AUTS value including a new sequence number (SQNms) encrypted by AK* and a new MAC-S value.
This program allows you to manually calculate the AK* and MAC-S based on your input of SQNms, or simply retrieve the SQNms based on the AUTS value you find in message.
1. answer "yes" to continue to calculate MAC-S when this program asked about this.
2. select "1" to calculate mac-s by input SQNms&AMF or "2" to  verify SQNms value by manually input AUTS.
3. sample input and output of program like below:
do you want to continue to compute the SQNms&MAC-S based on the AUTS for sync failure troubleshooting?(yes/no):yes
Do you want to (1): calculate mac-s by input SQNms&AMF or (2): verify SQNms by input AUTS? Please input 1 or 2:1
please input hex value of SQNms(no space allowed):0000000AD010
please input hex value of AMF(no space allowed):8000

the MAC-S computed by f1* function in 3gpp 35.206 should be                   (0x): b1e1908ee3bc764e
the AK* value should be                                                       (0x): 14bc599474e6
the SQNms_XOR_AK(fist 6 bytes of AUTS) value should be                        (0x): 14bc599ea4f6

Attachment

milenage
45K • < 1 minute @ 56k, < 1 minute @ broadband


Find Answers

Specified Languages
English
中文

Please Sign In

Username
Password

Did you forget your password?
Click here for assistance

New user? Start here.