EAP-SIM Support in 8950 AAA

EAP-SIM Overview

EAP-SIM is a EAP type based on the Global System for Mobile Communications (GSM) Subscriber Identity Module (SIM). In addition to authentication and session key generation, EAP-SIM includes user anonymity support, result indications, and a fast re-authentication procedure. The key to EAP-SIM is the generation of two responses to 16-byte challenges called RANDs. The responses are refered to as SRES and Kc. SRES is used for authentication while Kc can be used as an encryption between the client and server. Often these three values, RAND, SRES, and Kc are called a GSM triplet. EAP-SIM uses multiple triplets per authentication and produces a master session key which can be used encrypt network data. For more information on EAP-SIM see:

http://www.ietf.org/rfc/rfc4186.txt

Information on EAP

IETF RFC on EAP can be found at: http://www.ietf.org/rfc/rfc3748.txt
IETF RFC on EAP usage with RADIUS can be found at: http://www.ietf.org/rfc/rfc3579.txt

Plug-ins

Overview

8950 AAA contains five plug-ins to support EAP-SIM: AuthEapSim, ReadMapGateway, ReadGsmTripletFile, GenerateGsmTriplet, and RecoverImsi.

AuthEapSim Plug-in

The AuthEapSim plug-in generates EAP-SIM requests and processes EAP-SIM responses. In order for the AuthEapSim plug-in to authenticate the supplicant, it needs a source of GSM triplets. To allow for different sources of GSM triplets, the AuthEapSim plug-in calls a triplet policy flow with the permanent identity of the peer, IMSI, and the number of triplets needed. The triplet policy flow can use other plug-ins to either fetch triplets from a data source or generate triplets for a given SIM key.

For more information see the plug-in reference documentation:

AuthEapSim.htm

ReadMapGateway Plug-in

The ReadMapGateway plug-in fetches triplets from a Home Location Registry (HLR). The ReadMapGateway sends requests to an Ulticom MAP Gateway which in turn sends SS7 MAP requests to an HLR.

For more information see the plug-in reference documentation:

ReadMapGateway.htm

ReadGsmTripletFile Plug-in

The ReadGsmTripletFile plug-in reads triplets from a binary file containing a block of triplets. The plug-in assumes one file per IMSI and that each triplet is defined as 16 bytes of RAND followed by 4 bytes of SRES and 8 bytes of Kc.

For more information see the plug-in reference documentation:

ReadGsmTripletFile.htm

GenerateGsmTriplet Plug-in

The GenerateGsmTriplet plug-in generates triplets from a SIM key and customer specific A3/A8 algorithm.

For more information see the plug-in reference documentation:

GenerateGsmTriplet.htm

RecoverImsi Plug-in

The RecoverImsi plug-in can be used to recover an IMSI from an EAP-SIM pseudonym or fast re-authentication username and is useful in associating billing records with a subscriber.

For more information see the plug-in reference documentation:

RecoverImsi.htm

Testing

EAP-SIM Client Callbacks

8950 AAA includes both a RADIUS EAP-SIM client callback and a Diameter EAP-SIM client callback for use with testing. The RADIUS EAP-SIM client callback is used with the 8950 AAA RADIUS Client Tool, aaa-rt, and with the RadiusTask which is used in Ant build scripts. The Diameter EAP-SIM client callback is used with the 8950 AAA Diameter Client Tool, aaa-dt, and with the DiameterTask which is used in Ant build scripts. Both callbacks can be used to test EAP-SIM authentication in 8950 AAA or other RADIUS servers implementing EAP-SIM. In response to identity requests from the server, the callbacks will always favor a fast re-authentication identity over a temporary identity and a temporary identity over a permanent identity. Selection is based on which identities are configured and the type of identity requested by the server. The callback allows specifying a customer specific A3/A8 algorithm and A3/A8 configration string for generating GSM triplets.

Arguments added to testing tool:

-identity <value> or -id <value>: The value specified by this argument is the identity sent with the EAP-Identity message. The RADIUS server should have a policy that authenticates this identity using EAP-SIM. The default value is empty which allows for requesting identity in a SIM-Start request.
-incrementidentity <value>: If the value of this argument is set to true then the numeric portion of the identity argument is incremented for each request sent. The default value is false.
-identitymodulus <value>: The value specified by this argument is the used with the incrementidentity argument. If specified to a value greater than 0 the the modulus will be used with the current request count to limit the identity values generated to a fixed range. The default value is 0 which means do not use.
-permid <value>: The value specified by this argument is the permanent identity for the client. This value may be sent in response to a SIM-Start request depending on the type of identity requested by the server.
-tempid <value>: The value specified by this argument is the temporary identity for the client. The temporary identity is a combination of a pseudonym sent by the server and any realm information. This value may be sent in response to a SIM-Start request depending on the type of identity requested by the server.
-reauthid <value>: The value specified by this argument is the fast reauthentication identity for the client. This value may be sent in response to a SIM-Start request depending on the type of identity requested by the server.
-reauthcount <value>: The value specified by this argument is the reauthentication counter value for the client. This value is used to test fast reauthentication.
-masterkey <value>: The value specified by this argument is the master key for the client. This value is used to test fast reauthentication. This value is expected to be a hex encoded.
-simkey <value>: The value specified by this argument is the SIM key (Ki) for the client. This value is used to test full authentication. This value is expected to be a hex encoded.
-a3a8class <value>: The value specified by this argument is the class to use for the A3/A8 algorithm used for generating GSM triplets. The default value is com.lucent.aaa.GsmTriplet$GsmXor which performs a simple XOR function which is often found on SIM cards used for testing. 8950 AAA also includes com.lucent.aaa.GsmTriplet$GsmMilenage1 and com.lucent.aaa.GsmTriplet$GsmMilenage2 which implement the two SRES derivation functions of the GSM-MILENAGE A3/A8 algorithm (3GPP TS 55.205) with OP as configuration value. 8950 AAA also includes com.lucent.aaa.GsmTriplet$GsmMilenageOpc1 and com.lucent.aaa.GsmTriplet$GsmMilenageOpc2 which implement the two SRES derivation functions of the GSM-MILENAGE A3/A8 algorithm (3GPP TS 55.205) with OPc as configuration value.
-a3a8config <value>: The value specified by this argument is the configuration string used for setting up the A3/A8 algorithm used for generating GSM triplets. The default value is empty. For A3/A8 algorithms com.lucent.aaa.GsmTriplet$GsmMilenage1 and com.lucent.aaa.GsmTriplet$GsmMilenage2 the configuration string is the hex value for OP as specified in the GSM-MILENAGE specification (3GPP TS 55.205). For A3/A8 algorithms com.lucent.aaa.GsmTriplet$GsmMilenageOpc1 and com.lucent.aaa.GsmTriplet$GsmMilenageOpc2 the configuration string is the hex value for OPc as specified in the GSM-MILENAGE specification (3GPP TS 55.205).
-simversion <value>: The value specified by this argument is the EAP-SIM version to use. The default value is 1. To test a EAP-SIM draft 5 server set this value to 0.
-tripletsused <value>: The value specified by this argument is the number of triplets to use per full authentication. The default value is 2.
-sendresultind <value>: The value specified by this argument determines whether the client will request result indicators be sent by the server on success. The default value is false.
-allowfastreauth <value>: The value specified by this argument determines whether the client will support fast reauthentication. The default value is true.
-reuseclients <value>: The value specified by this argument determines whether the EAP-SIM clients should be reused. By setting this argument to true, authentications can be chained to use results of previous authentications. The default value is false.
-checkkeys <value> or -ck <value>: The value specified whether the session keys sent by the server should be checked by the client. The default value is true.

Sample Usage:

C:\va\run>..\bin\aaa-rt -callback EapSim -permid 1111111111111111@read.sim.key.com
 -simkey 11111111111111111111111111111111 -loglevel verbose
Xmit: Access-Request

Type=1, Ident=0, Len=20, Auth=60 B4 20 BB 38 51 D9 D4 7A CB 93 3D BE 70 39 9B

         0: 01 00 00 14 60 B4 20 BB 38 51 D9 D4 7A CB 93 3D [....`. .8Q..z..=]
        16: BE 70 39 9B                                     [.p9.            ]

Recv: Access-Challenge after 3312 ms.
        Message-Authenticator = "5F9347069086175D890214EF91020982"
        State = "12025"
        Session-Timeout = 180
        EAP-Message = "Request/EAP-SIM(1): (Start) 00000F020002000100000D010000"


Type=11, Ident=0, Len=73, Auth=65 AD ED C4 86 3E 6F BC B9 52 95 B2 7B E9 DC 2C
     Off=20, Attr=80, Len=18        50 12 5F 93 47 06 90 86 [P._.G...]
                                    17 5D 89 02 14 EF 91 02 [.]......]
                                    09 82                   [..      ]
     Off=38, Attr=79, Len=22        4F 16 01 01 00 14 12 0A [O.......]
                                    00 00 0F 02 00 02 00 01 [........]
                                    00 00 0D 01 00 00       [......  ]
     Off=60, Attr=24, Len=7         18 07 31 32 30 32 35    [..12025 ]
     Off=67, Attr=27, Len=6         1B 06 00 00 00 B4       [......  ]

         0: 0B 00 00 49 65 AD ED C4 86 3E 6F BC B9 52 95 B2 [...Ie....>o..R..]
        16: 7B E9 DC 2C 50 12 5F 93 47 06 90 86 17 5D 89 02 [{..,P._.G....]..]
        32: 14 EF 91 02 09 82 4F 16 01 01 00 14 12 0A 00 00 [......O.........]
        48: 0F 02 00 02 00 01 00 00 0D 01 00 00 18 07 31 32 [..............12]
        64: 30 32 35 1B 06 00 00 00 B4                      [025......       ]

IAIK security provider installed
Current providers:
        SUN 1.5
        SunRsaSign 1.5
        SunJSSE 1.5
        SunJCE 1.5
        SunJGSS 1.0
        SunSASL 1.5
        IAIK 3.13

EAP-Request/SIM_START reserved = 0000 Attributes:
        Name = AT_VERSION_LIST, Length = 2, Data = 000200010000
        Name = AT_ANY_ID_REQ, Length = 1, Data = 0000
Sending start response
EAP-Response/SIM_START reserved = 0000 Attributes:
        Name = AT_NONCE_MT, Length = 5, Data = 00000A2CEE01B688CDD96CB8636D398A1
809
        Name = AT_IDENTITY, Length = 10, Data = 00213131313131313131313131313131
313140726561642E73696D2E6B65792E636F6D000000
        Name = AT_SELECTED_VERSION, Length = 1, Data = 0001
Added response for state "12025" to queue...
Xmit: Access-Request
        EAP-Message = "Response/EAP-SIM(1): (Start) 0000070500000A2CEE01B688CDD9
6CB8636D398A18090E0A00213131313131313131313131313131313140726561642E73696D2E6B65
792E636F6D00000010010001"
        Message-Authenticator = "00000000000000000000000000000000"
        State = "12025"

Type=1, Ident=1, Len=119, Auth=F6 C9 2D A3 3A F0 1D 4F B7 70 E9 8C 03 25 F4 1D
     Off=20, Attr=79, Len=74        4F 4A 02 01 00 48 12 0A [OJ...H..]
                                    00 00 07 05 00 00 0A 2C [.......,]
                                    EE 01 B6 88 CD D9 6C B8 [......l.]
                                    63 6D 39 8A 18 09 0E 0A [cm9.....]
                                    00 21 31 31 31 31 31 31 [.!111111]
                                    31 31 31 31 31 31 31 31 [11111111]
                                    31 31 40 72 65 61 64 2E [11@read.]
                                    73 69 6D 2E 6B 65 79 2E [sim.key.]
                                    63 6F 6D 00 00 00 10 01 [com.....]
                                    00 01                   [..      ]
     Off=94, Attr=80, Len=18        50 12 28 D8 E1 51 E0 35 [P.(..Q.5]
                                    A2 7B 42 F3 45 46 2D 74 [.{B.EF-t]
                                    D6 33                   [.3      ]
     Off=112, Attr=24, Len=7        18 07 31 32 30 32 35    [..12025 ]

         0: 01 01 00 77 F6 C9 2D A3 3A F0 1D 4F B7 70 E9 8C [...w..-.:..O.p..]
        16: 03 25 F4 1D 4F 4A 02 01 00 48 12 0A 00 00 07 05 [.%..OJ...H......]
        32: 00 00 0A 2C EE 01 B6 88 CD D9 6C B8 63 6D 39 8A [...,......l.cm9.]
        48: 18 09 0E 0A 00 21 31 31 31 31 31 31 31 31 31 31 [.....!1111111111]
        64: 31 31 31 31 31 31 40 72 65 61 64 2E 73 69 6D 2E [111111@read.sim.]
        80: 6B 65 79 2E 63 6F 6D 00 00 00 10 01 00 01 50 12 [key.com.......P.]
        96: 28 D8 E1 51 E0 35 A2 7B 42 F3 45 46 2D 74 D6 33 [(..Q.5.{B.EF-t.3]
       112: 18 07 31 32 30 32 35                            [..12025         ]

Recv: Access-Challenge after 1360 ms.
        Message-Authenticator = "445240BD1213AD4C61FA896874D6540A"
        State = "12026"
        Session-Timeout = 180
        EAP-Message = "Request/EAP-SIM(2): (Challenge) 000001090000140781C22033B
AEE51F0DCBE5C3DDB8E0625AC0A773DD6E7EE86E9BAB067E37F0B0500000BE3002AA1516D726BCB4
5FE7F88607681050000E761023726E873D2F067FCA6D3CBA81D82150000B4AB812FF539FD1576074
8EAB938CDABD5CE59958ED06FFD77AA36FFA358776D4EC903B3BBBF5FF217736D1F0160812E43E53
58E5DE904AACEBA90EC2909FF123603C75973B14AC92B82FFBC451FBECB"

Type=11, Ident=1, Len=221, Auth=52 2E EA C2 F9 3F BE A6 44 7D 4F CA 86 CB DB 0D

     Off=20, Attr=80, Len=18        50 12 44 52 40 BD 12 13 [P.DR@...]
                                    AD 4C 61 FA 89 68 74 D6 [.La..ht.]
                                    54 0A                   [T.      ]
     Off=38, Attr=79, Len=170       4F AA 01 02 00 A8 12 0B [O.......]
                                    00 00 01 09 00 00 14 07 [........]
                                    81 C2 20 33 BA EE 51 F0 [.. 3..Q.]
                                    DC BE 5C 3D DB 8E 06 25 [..\=...%]
                                    AC 0A 77 3D D6 E7 EE 86 [..w=....]
                                    E9 BA B0 67 E3 7F 0B 05 [...g....]
                                    00 00 0B E3 00 2A A1 51 [.....*.Q]
                                    6D 72 6B CB 45 FE 7F 88 [mrk.E...]
                                    60 76 81 05 00 00 E7 61 [`v.....a]
                                    02 37 26 E8 73 D2 F0 67 [.7&.s..g]
                                    FC A6 D3 CB A8 1D 82 15 [........]
                                    00 00 B4 AB 81 2F F5 39 [...../.9]
                                    FD 15 76 07 48 EA B9 38 [..v.H..8]
                                    CD AB D5 CE 59 95 8E D0 [....Y...]
                                    6F FD 77 AA 36 FF A3 58 [o.w.6..X]
                                    77 6D 4E C9 03 B3 BB BF [wmN.....]
                                    5F F2 17 73 6D 1F 01 60 [_..sm..`]
                                    81 2E 43 E5 35 8E 5D E9 [..C.5.].]
                                    04 AA CE BA 90 EC 29 09 [......).]
                                    FF 12 36 03 C7 59 73 B1 [..6..Ys.]
                                    4A C9 2B 82 FF BC 45 1F [J.+...E.]
                                    BE CB                   [..      ]
     Off=208, Attr=24, Len=7        18 07 31 32 30 32 36    [..12026 ]
     Off=215, Attr=27, Len=6        1B 06 00 00 00 B4       [......  ]

         0: 0B 01 00 DD 52 2E EA C2 F9 3F BE A6 44 7D 4F CA [....R....?..D}O.]
        16: 86 CB DB 0D 50 12 44 52 40 BD 12 13 AD 4C 61 FA [....P.DR@....La.]
        32: 89 68 74 D6 54 0A 4F AA 01 02 00 A8 12 0B 00 00 [.ht.T.O.........]
        48: 01 09 00 00 14 07 81 C2 20 33 BA EE 51 F0 DC BE [........ 3..Q...]
        64: 5C 3D DB 8E 06 25 AC 0A 77 3D D6 E7 EE 86 E9 BA [\=...%..w=......]
        80: B0 67 E3 7F 0B 05 00 00 0B E3 00 2A A1 51 6D 72 [.g.........*.Qmr]
        96: 6B CB 45 FE 7F 88 60 76 81 05 00 00 E7 61 02 37 [k.E...`v.....a.7]
       112: 26 E8 73 D2 F0 67 FC A6 D3 CB A8 1D 82 15 00 00 [&.s..g..........]
       128: B4 AB 81 2F F5 39 FD 15 76 07 48 EA B9 38 CD AB [.../.9..v.H..8..]
       144: D5 CE 59 95 8E D0 6F FD 77 AA 36 FF A3 58 77 6D [..Y...o.w.6..Xwm]
       160: 4E C9 03 B3 BB BF 5F F2 17 73 6D 1F 01 60 81 2E [N....._..sm..`..]
       176: 43 E5 35 8E 5D E9 04 AA CE BA 90 EC 29 09 FF 12 [C.5.].......)...]
       192: 36 03 C7 59 73 B1 4A C9 2B 82 FF BC 45 1F BE CB [6..Ys.J.+...E...]
       208: 18 07 31 32 30 32 36 1B 06 00 00 00 B4          [..12026......   ]

EAP-Request/SIM_CHALLENGE reserved = 0000 Attributes:
        Name = AT_RAND, Length = 9, Data = 0000140781C22033BAEE51F0DCBE5C3DDB8E0
625AC0A773DD6E7EE86E9BAB067E37F
        Name = AT_MAC, Length = 5, Data = 00000BE3002AA1516D726BCB45FE7F886076
        Name = AT_IV, Length = 5, Data = 0000E761023726E873D2F067FCA6D3CBA81D
        Name = AT_ENCR_DATA, Length = 21, Data = 0000B4AB812FF539FD15760748EAB93
8CDABD5CE59958ED06FFD77AA36FFA358776D4EC903B3BBBF5FF217736D1F0160812E43E5358E5DE
904AACEBA90EC2909FF123603C75973B14AC92B82FFBC451FBECB
RAND received[0] = 140781C22033BAEE51F0DCBE5C3DDB8E
RAND received[1] = 0625AC0A773DD6E7EE86E9BAB067E37F
computeV1XKEY(): permId = 1111111111111111@read.sim.key.com nonceMt = 0A2CEE01B6
88CDD96CB8636D398A1809 versionList = 0001 selectedVersion = 1
master_key = CFDB079A729CED4907F81077D88661A5D74EAD3B
k_encr = E663C57154B27BB43D49C8EBC89C3D67
k_aut = 5B720C106FF0F90A4382088E381B9159
msk = 5866B26E59E1C6528FE3A0B9310455DC56B44E2725E579D15CAA32A6E40A2F7B521AAA8CFD
FDF649138FF519C90CADFE6127B87538200E2CE20DDDD74D1761CD
emsk = 69F9E1E4B9E551CC5E52902D430CB812787537313CC345276D6B63B3560B79466705BB19D
60330160D34C4E12F3F146B0C09D7E2B8AE97707739224A48899871
computeV1Mac(): len = 168 offset = 48 k_auth = 5B720C106FF0F90A4382088E381B9159
nonce = 0A2CEE01B688CDD96CB8636D398A1809
decryptAttributeData(): length = 80
Decrypted attributes:
        Name = AT_NEXT_PSEUDONYM, Length = 8, Data = 0019336F3441446C41306A4D5A7
0756356596B7154772B2B53312D000000
        Name = AT_NEXT_REAUTH_ID, Length = 12, Data = 002A356A4F4C774B77476F4B6F
4150734D634F34596D434D4D325140726561642E73696D2E6B65792E636F6D0000
next_pseudonym = 3o4ADlA0jMZpucVYkqTw++S1-
next_reauth_id = 5jOLwKwGoKoAPsMcO4YmCMM2Q@read.sim.key.com
Sending challenge response
computeV1Mac(): len = 28 offset = 12 k_auth = 5B720C106FF0F90A4382088E381B9159 n
once = 051690D31734BD1B
Copying AT_MAC to pkt, mac = B84F6F5530792C2FFEEE6DA99A7B2D42C6959065
EAP-Response/SIM_CHALLENGE reserved = 0000 Attributes:
        Name = AT_MAC, Length = 5, Data = 0000B84F6F5530792C2FFEEE6DA99A7B2D42
Added response for state "12026" to queue...
Xmit: Access-Request
        EAP-Message = "Response/EAP-SIM(2): (Challenge) 00000B050000B84F6F553079
2C2FFEEE6DA99A7B2D42"
        Message-Authenticator = "00000000000000000000000000000000"
        State = "12026"

Type=1, Ident=2, Len=75, Auth=3E BA F8 98 6D A7 12 C8 2B CD 4D 55 4B F0 B5 40
     Off=20, Attr=79, Len=30        4F 1E 02 02 00 1C 12 0B [O.......]
                                    00 00 0B 05 00 00 B8 4F [.......O]
                                    6F 55 30 79 2C 2F FE EE [oU0y,/..]
                                    6D A9 9A 7B 2D 42       [m..{-B  ]
     Off=50, Attr=80, Len=18        50 12 15 83 17 71 9E 75 [P....q.u]
                                    18 73 AA 0A E0 90 76 39 [.s....v9]
                                    F5 33                   [.3      ]
     Off=68, Attr=24, Len=7         18 07 31 32 30 32 36    [..12026 ]

         0: 01 02 00 4B 3E BA F8 98 6D A7 12 C8 2B CD 4D 55 [...K>...m...+.MU]
        16: 4B F0 B5 40 4F 1E 02 02 00 1C 12 0B 00 00 0B 05 [K..@O...........]
        32: 00 00 B8 4F 6F 55 30 79 2C 2F FE EE 6D A9 9A 7B [...OoU0y,/..m..{]
        48: 2D 42 50 12 15 83 17 71 9E 75 18 73 AA 0A E0 90 [-BP....q.u.s....]
        64: 76 39 F5 33 18 07 31 32 30 32 36                [v9.3..12026     ]

Recv: Access-Accept after 329 ms.
        MS-MPPE-Recv-Key = 5866B26E59E1C6528FE3A0B9310455DC56B44E2725E579D15CAA3
2A6E40A2F7B
        MS-MPPE-Send-Key = 521AAA8CFDFDF649138FF519C90CADFE6127B87538200E2CE20DD
DD74D1761CD
        User-Name = "1111111111111111@read.sim.key.com"
        Message-Authenticator = "F927688034BA3AF0F6F2108D40E0CBAD"
        Framed-IP-Address = 135.140.160.100
        Service-Type = Framed-User
        Session-Timeout = 30
        Termination-Action = Radius-Request
        EAP-Message = "Success(2)"

Type=2, Ident=2, Len=219, Auth=DC 27 9D 9F FC 41 1C AB 5F 6A 55 7C 14 6B AA 39
     Off=20, Attr=26, Len=58        1A 3A 00 00 01 37 11 34 [.:...7.4]
                                    9F 53 C5 C7 16 41 DF 06 [.S...A..]
                                    DF A1 77 F5 AA FA E8 1D [..w.....]
                                    99 43 44 31 31 B5 28 C0 [.CD11.(.]
                                    B1 AC 7C 9B 08 99 67 41 [..|...gA]
                                    31 E7 2C 40 D2 89 1D 03 [1.,@....]
                                    02 B4 60 32 DC E4 7F FB [..`2....]
                                    B8 D5                   [..      ]
     Off=78, Attr=26, Len=58        1A 3A 00 00 01 37 10 34 [.:...7.4]
                                    9F 54 20 43 8F 4E 83 16 [.T C.N..]
                                    BB D3 2C F1 EA 99 38 15 [..,...8.]
                                    12 FF 81 A1 9B 8E D4 97 [........]
                                    85 01 5D C4 8A 58 5C 8E [..]..X\.]
                                    95 53 00 1C E7 4B 39 2B [.S...K9+]
                                    6B 4C FA DB 5D BE 1C C7 [kL..]...]
                                    02 61                   [.a      ]
     Off=136, Attr=1, Len=35        01 23 31 31 31 31 31 31 [.#111111]
                                    31 31 31 31 31 31 31 31 [11111111]
                                    31 31 40 72 65 61 64 2E [11@read.]
                                    73 69 6D 2E 6B 65 79 2E [sim.key.]
                                    63 6F 6D                [com     ]
     Off=171, Attr=80, Len=18       50 12 F9 27 68 80 34 BA [P..'h.4.]
                                    3A F0 F6 F2 10 8D 40 E0 [:.....@.]
                                    CB AD                   [..      ]
     Off=189, Attr=79, Len=6        4F 06 03 02 00 04       [O.....  ]
     Off=195, Attr=8, Len=6         08 06 87 8C A0 64       [.....d  ]
     Off=201, Attr=6, Len=6         06 06 00 00 00 02       [......  ]
     Off=207, Attr=27, Len=6        1B 06 00 00 00 1E       [......  ]
     Off=213, Attr=29, Len=6        1D 06 00 00 00 01       [......  ]

         0: 02 02 00 DB DC 27 9D 9F FC 41 1C AB 5F 6A 55 7C [.....'...A.._jU|]
        16: 14 6B AA 39 1A 3A 00 00 01 37 11 34 9F 53 C5 C7 [.k.9.:...7.4.S..]
        32: 16 41 DF 06 DF A1 77 F5 AA FA E8 1D 99 43 44 31 [.A....w......CD1]
        48: 31 B5 28 C0 B1 AC 7C 9B 08 99 67 41 31 E7 2C 40 [1.(...|...gA1.,@]
        64: D2 89 1D 03 02 B4 60 32 DC E4 7F FB B8 D5 1A 3A [......`2.......:]
        80: 00 00 01 37 10 34 9F 54 20 43 8F 4E 83 16 BB D3 [...7.4.T C.N....]
        96: 2C F1 EA 99 38 15 12 FF 81 A1 9B 8E D4 97 85 01 [,...8...........]
       112: 5D C4 8A 58 5C 8E 95 53 00 1C E7 4B 39 2B 6B 4C []..X\..S...K9+kL]
       128: FA DB 5D BE 1C C7 02 61 01 23 31 31 31 31 31 31 [..]....a.#111111]
       144: 31 31 31 31 31 31 31 31 31 31 40 72 65 61 64 2E [1111111111@read.]
       160: 73 69 6D 2E 6B 65 79 2E 63 6F 6D 50 12 F9 27 68 [sim.key.comP..'h]
       176: 80 34 BA 3A F0 F6 F2 10 8D 40 E0 CB AD 4F 06 03 [.4.:.....@...O..]
       192: 02 00 04 08 06 87 8C A0 64 06 06 00 00 00 02 1B [........d.......]
       208: 06 00 00 00 1E 1D 06 00 00 00 01                [...........     ]

clientRecvKey=5866B26E59E1C6528FE3A0B9310455DC56B44E2725E579D15CAA32A6E40A2F7B
clientSendKey=521AAA8CFDFDF649138FF519C90CADFE6127B87538200E2CE20DDDD74D1761CD
    ----- statistics -----
    requests: 3
    answers:  3
    timeouts: 0
    errors:   0

    ----- result codes -----
    Access-Accept = 1
    Access-Challenge = 2

    ----- performance -----
    transaction count: 1
    elapsed time(ms):  5812
    trans per second:  0.1720578114246387
    seconds per tran:  5.812

Closing client
Reply count is: 1