Friday, October 29, 2021

Radiator 4.26 now available

We are pleased to announce the release of Radiator version 4.26. This version contains new features, enhancements, and bug fixes. 

Selected compatibility notes, enhancements and fixes

  • TLSv1.3 is currently disabled for AuthBy DUO.
  • AuthBy SQLTOTP now supports CHAP, MSCHAP and MSCHAPv2. EAP-MSCHAPv2 is supported with MSCHAPv2 conversion. Encrypted PIN is now supported for PAP, EAP-OTP and EAP-GTC.
  • Radiator SIM Pack 2.7 and Carrier Pack 1.7, or later, are strongly recommended.

Known caveats and other notes

  • TLSv1.3 remains disabled by default for TLS based EAP methods and Stream based classes, such as RadSec.
  • EAP-FAST functionality is reported to vary between TLS versions, TLS library security level settings and client implementations.

More detailed changes can be found in the revision history.

Radiator packages are available to download for current licensees from the downloads page and the Radiator repository.

Access to download the latest release can be renewed by placing an online renewal order or contacting sales@radiatorsoftware.com


Friday, October 15, 2021

Radiator provides IMSI privacy for EAP-SIM, EAP-AKA and EAP-AKA’ authentication

In many high traffic areas such as sports stadiums, shopping venues, or public transport hubs, mobile carriers may partner with the local Wi-Fi providers to improve coverage and user experience: mobile devices can be automatically connected to Wi-Fi instead of congested cellular network. Internationally, Wi-Fi roaming agreements also allow carriers to lower the cellular roaming costs. 

EAP-SIM, EAP-AKA and EAP-AKA’ are SIM-based Wi-Fi authentication methods used to achieve seamless offloading to carrier and partner Wi-Fi, with International Mobile Subscriber Identifier (IMSI) derived from the SIM card acting as a unique identifier for each user. 

On the first ever connection to such a Wi-Fi network, the mobile device communicates its permanent subscriber identity information (IMSI), which is then sent to the home operator for authentication. This identity is sent in the clear. A potential 3rd party adversary installing a Wi-Fi sniffer in the vicinity of such networks can harvest permanent identities and track users. This tracking can also be done by the venue or network owner when connecting to the Wi-Fi network. 

Because of this, mobile operating systems such as iOS15 will show the following warning when joining a Wi-Fi network without IMSI encryption: “your mobile subscriber identity will be exposed”. The similar situation can be seen from the pictures below. 

Privacy warning when authenticating to Wi-Fi network without IMSI encryption

 

Operators risk decreased user satisfaction for Wi-Fi offloading if transmitting IMSI in the open - it may cause users to feel their privacy is being compromised.

Radiator SIM Pack provides IMSI privacy protection 

The solution is to protect user privacy by implementing IMSI encryption for EAP-SIM, EAP-AKA and EAP-AKA’ authentication. As an operator, you can enable IMSI privacy easily: Radiator 3GPP AAA Server handles both encrypted and clear authentication requests. This means IMSI privacy can be offered to devices supporting it without affecting other users. 

Starting already from revision 2.5, Radiator SIM Pack supports IMSI encryption as specified in 3GPP S3-170116 document “Privacy Protection for EAP-AKA” (zip), and WBA’s IMSI Privacy Protection for Wi-Fi – Technical Specification. The feature is already implemented by some of our operator customers to cover their AAA server encryption. 

The latest release of Radiator SIM Pack is available for new licensees and for licensed customers with valid download access. To find out if Radiator SIM Pack suits your needs, you can contact us at sales@radiatorsoftware.com and a member of our sales team will be happy to assist you. 

You can also contact us to renew your support contract and get access to the newest release. A full history of Radiator SIM Pack releases is available on our website.

Tuesday, October 5, 2021

Radiator and NCINGA - working together towards customer success

 

 

 

While Radiator has hundreds of operator customers all over the world, we also have an extensive network of integrator partners providing turn-key solutions for our customers. One of these trusted integrators is NCINGA.  As NCINGA is known to provide technology transformations in frontier markets, they also provide Radiator AAA solutions to operators and carriers especially in the APAC area.

This collaboration has provided solutions to customers both for fixed and wireless AAA. In
different use cases, the main focus in the cooperation has involved integrating Radiator
solutions with different vendor environments and network elements. Radiator is used for
example when applying policy and control functionalities for end user data plans.

    “With Radiator, we were able to quickly deliver complex AAA implementations. It was easy
    to configure and extend to the customers need. The Radiator Technical Support team made
    it even easier to implement & support with prompt responses and guidance.” 

    -Kokum Randeni, VP Sales, Ncinga

One of the key elements in the working model has been the flexibility in Radiator licensing:
the components needed by the customer can be tailored to the use case and number of
subscribers. This way the ROI for the customer can be ensured as they can add new
features of Radiator to use when needed.

For the customer, the operating model is quite easy and straightforward: NCINGA and their
team of experts provide the first level support and integration consultation, and the Radiator
team provides the product-related 2nd level support and consultation related to Radiator
specific configuration and other needs.

Would you like to know more about Radiator and NCINGA?

If you are looking for a carrier-grade AAA server with flexible options for different use cases,
please do not hesitate to contact our sales team at sales(a)radiatorsoftware.com. For
NCINGA, please contact their sales team at www.ncinga.net.


Examples of Radiator use include carrier-grade AAA, Wi-Fi offloading, integrating Diameter
online and offline charging with RADIUS-based infrastructure, integrating RADIUS
accounting with Diameter online and offline charging and much more. On top of that, our
support team has wide experience of various carrier use cases in different environments.