EAP Suite

EtherTrust designs EAP trusted authentication software for Java and SIM smart cards; today three methods are available EAP-TLS, EAP-SIM and EAP AKA, running on standard 64KB Java Card platforms.

These authentication modules are compatible with IEEE 802.16e (WiMAX) or LTE (Long Term Evolution) standards.

From a security point of view:
The mutual authentication:
-EAP-SIM is a mutual authentication process
-A robbery of a triplet is enough to make this fact wrong
-Therefore without protection of triplet by the card the mutual authentication is uncertain

From a confidence point of view:
-From a cryptographic point of view the security level of the SIM card is low
-The norm requires two RANDs values to have a security level around 128 bits
-To achieve this the better way is to have the EAP SIM implemented in the card

From a deployment point of view:
EAP-SIM is easier to use, the operator is ensured about the correct behavior of the authentication protocol and associated options

Type of authentication

Mutual authentication based on run GSM algorithm

Implementation scenarios

Most common
EAP supplicant in the handset in combination with the Run GSM algo of the SIM

Preferred
EAP SIM application fully implemented in the SIM card, two ways:
-As a standalone java card application
-As an integrated feature in the OS
-For both cases it requires specific file architecture as specified in Release 6, which defines EAP Support by the UICC (ETSI TS 102 310).