Gaurav Sharma
Department of Computer Engineering, Ramrao Adik Institute of Technology, Navi Mumbai, India, gaurav.sharma@rait.ac.in

Amarsinh Vidhate
Department of Computer Engineering, Ramrao Adik Institute of Technology, Navi Mumbai, India, vidhate@rait.ac.in

Satish Devane
Department of Computer Engineering, Ramrao Adik Institute of Technology, Navi Mumbai, India, satish@rait.ac.in
Abstract- The Universal Mobile Telecommunication System (UMTS), as a core network, can support both circuit-switched as well as packet-switched services by including the IP Multimedia Subsystem (IMS) as part of its core network. IMS services are used by authenticating the user equipment with the UMTS using UMTS AKA and then with the IMS using IMS AKA. This paper concentrates on IMS authentication and proposes an improved one-pass IMS authentication procedure which results in a reduction in message delivery cost and an improvement over IMS AKA. The proposed procedure also preserves security features such as mutual authentication and key agreement. It authenticates the UE into the IMS domain by deriving the IMSI of the UE from the IMPI provided by the UE in the SIP Register message and comparing it with the IMSI stored in the HSS (IMSI_HSS(impi)) during user registration; this method was first proposed by Lin et al. [3]. The proposed one-pass IMS authentication procedure reduces the message delivery cost of the authentication procedures earlier published by Chen et al. [4].

Keywords- Authentication, UMTS, IMS, IMS AKA, SIP, GPRS, CSCF.

I. INTRODUCTION

The 3rd Generation Partnership Project (3GPP) has proposed the Universal Mobile Telecommunication System (UMTS), which can act as the Core Network (CN). There is also an overlay architecture specified above the packet-switched domain in the core network, known as the IP Multimedia Subsystem (IMS) [7]. IMS provides IP-based multimedia services such as Voice over IP (VoIP), multimedia conferencing, etc. [2]. IMS uses the Session Initiation Protocol (SIP) [5] to create and control sessions, and the SIP function works on the Call Session Control Functions (CSCFs), which play an important role in IMS authentication. The User Equipment (UE), in order to use multimedia services, must first authenticate itself to the packet-switched domain. This authentication is done using UMTS AKA (Authentication & Key Agreement) [1], which is based on a challenge-response scheme. To authenticate the UE, UMTS uses the International Mobile Subscriber Identity (IMSI) as the subscriber's identity, which is stored in the UMTS Subscriber Identity Module (USIM) of the UE. In addition to packet-switched domain authentication, the UE must also be authenticated in the IMS domain using IMS AKA to access multimedia services. The IP Multimedia Private Identity (IMPI) is stored in the IMS Subscriber Identity Module (ISIM) in the UE. IMS AKA is also a challenge-response based procedure, and although IMS is an overlay architecture over the packet-switched domain, a separate IMS AKA is essential in order to prevent fraudulent IMS usage [3].

The improvement in the authentication procedure is achieved by making the I-CSCF (Interrogating Call Session Control Function) take the responsibility of Authentication and Key Agreement instead of the S-CSCF (Serving Call Session Control Function). This is possible as both the I-CSCF and the S-CSCF have the same Zb and Cx interfaces [4] to the HSS and use the same Diameter protocol, as described by Chen et al. [4] in their improved IMS authentication procedure. The proposed one-pass IMS authentication protocol can reduce the redundancies and the costs of the original two-pass IMS authentication protocol with the same infrastructure and key generation algorithms without compromising security. The rest of the paper is structured as follows. Section II presents the 3GPP UMTS IMS architecture and the IMS AKA procedure, Section III presents the proposed improved one-pass IMS authentication procedure, and Section IV presents the performance analysis of the proposed procedure in comparison with the IMS AKA method.

II. RELATED WORK
This section presents an overview of the 3GPP UMTS IMS architecture. It also describes the two-pass IMS AKA procedure.

A. 3GPP UMTS IMS Architecture

The UE contains a Universal Integrated Circuit Card (UICC). The UICC is composed of a Subscriber Identity Module (SIM), a UMTS Subscriber Identity Module (USIM) and an IMS Subscriber Identity Module (ISIM). The International Mobile Subscriber Identity (IMSI) and the IP Multimedia Private Identity (IMPI) are used for the UMTS and IMS authentication protocols, respectively [1].

The UMTS Terrestrial Radio Access Network (UTRAN) consists of the Radio Network Controllers (RNC) and the Base Stations (Node B). UTRAN connects the UE with the Core Network (CN). The packet-switched domain is located in the Core Network; it contains the Serving GPRS Support Node (SGSN) and the Gateway GPRS Support Node (GGSN), which connects the packet-switched domain to the IP network. The IP Multimedia Subsystem (IMS) contains the Call Session Control Functions (CSCFs) used for the signaling process.

B. IMS AKA

Once the UE successfully completes the packet-switched domain authentication, UMTS AKA [10], and Packet Data Protocol (PDP) context activation [6], the UE can request IMS services through the IMS authentication procedure using IMS AKA [2]. The IMS AKA procedure (Figure 2) is as follows.

Step I1: The UE sends a SIP Register message to the P-CSCF through the SGSN with the user's IMPI (IP Multimedia Private Identity). The P-CSCF then forwards this message to the I-CSCF.

Step I2 & I3: The I-CSCF exchanges the User Authorization Request (UAR) and User Authorization Answer (UAA) pair with the HSS to obtain the name of the S-CSCF that is serving the UE.

Step I4: After identifying the address of the S-CSCF, the I-CSCF forwards the Register message to the S-CSCF.

Step I5: If the S-CSCF does not have a valid authentication vector (AV) array for the UE, the S-CSCF sends a Multimedia Authentication Request (MAR) to the HSS for obtaining an AV array. Otherwise, this step and the next are skipped. Each AV consists of:
a. RAND (random challenge)
b. XRES (expected response)
c. CK (cipher key)
d. IK (integrity key)
e. AUTN (authentication token)

Step I6: The HSS generates 'n' AVs and sends them to the S-CSCF through a Multimedia Authentication Answer (MAA) message.

Step I7: The S-CSCF selects an AV[i] and sends it to the I-CSCF through a SIP 401 Unauthorized message.

Step I8: The I-CSCF then forwards the SIP 401 Unauthorized message to the P-CSCF. The P-CSCF keeps the parameters CK_i & IK_i and forwards the 401 Unauthorized message with RAND_i & AUTN_i to the UE. Both CK_i & IK_i are used for the IP security (IPsec) security association between the UE & the P-CSCF.

Step I9: The UE verifies AUTN_i and computes RES_i, CK_i & IK_i from RAND_i. The UE now employs RES_i as the password of HTTP Digest to derive the digest response of the Authorization request header defined in [8] & sends it to the S-CSCF through the P-CSCF & I-CSCF.

Step I10: The S-CSCF verifies the digest-response using XRES_i. If the result is positive, the S-CSCF sends a Server Assignment Request (SAR) to the HSS informing it which S-CSCF will serve the UE.

Step I11: The HSS receives the SAR, stores the S-CSCF name and replies with a Server Assignment Answer (SAA) to the S-CSCF.

Step I12: The S-CSCF uses XRES_i as the password for the response-auth of the Authentication-Info header and sends a SIP 200 OK message carrying this response-auth to the UE through the I-CSCF & P-CSCF.

The IMS AKA procedure correctly authenticates the UE in the IMS domain and preserves both mutual authentication and key agreement.

Figure 2. IMS AKA Authentication Procedure
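The twelve steps above are easier to reason about as running code. The following simulation is an added example written for this page, not code from the paper or from 3GPP: it plays the HSS, S-CSCF, P-CSCF and UE roles of Steps I5 to I12, including the HTTP Digest exchange with RES as the password and the Authentication-Info check in the 200 OK. The USIM/ISIM functions f1 to f4 are stood in by HMAC-SHA256 (real networks use MILENAGE or TUAK), AUTN is simplified to SQN || MAC-A with no AK masking or AMF, and the realm, IMPI and key K are constructed values.

```python
"""Simulation of the IMS AKA registration (Steps I5-I12) with HTTP Digest.

Added example, not the paper's code. Assumptions: f1..f4 are replaced by
HMAC-SHA256; AUTN = SQN || MAC-A (no AK, no AMF); HTTP Digest follows the
RFC 2617 MD5 construction with RES as the password, as IMS AKA specifies;
REALM, the IMPI and K are constructed values.
"""
import hashlib
import hmac
import os
import struct

REALM = "ims.mnc001.mcc001.3gppnetwork.org"       # constructed realm
SIP_URI = "sip:" + REALM


def _f(k: bytes, tag: bytes, *parts: bytes) -> bytes:
    """Stand-in for the USIM functions f1..f4 (assumption: keyed PRF)."""
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()


def make_av(k: bytes, sqn: int) -> dict:
    """HSS side: one authentication vector RAND, XRES, CK, IK, AUTN."""
    rand, sqn_b = os.urandom(16), struct.pack(">Q", sqn)
    return {"RAND": rand,
            "XRES": _f(k, b"f2", rand)[:8],
            "CK": _f(k, b"f3", rand)[:16],
            "IK": _f(k, b"f4", rand)[:16],
            "AUTN": sqn_b + _f(k, b"f1", sqn_b, rand)[:8]}   # SQN || MAC-A


def digest(password_hex: str, nonce: str, method: str, impi: str) -> str:
    """RFC 2617 Digest response (MD5); method == "" gives the rspauth form."""
    h = lambda s: hashlib.md5(s.encode()).hexdigest()
    ha1 = h(f"{impi}:{REALM}:{password_hex}")
    ha2 = h(f"{method}:{SIP_URI}")
    return h(f"{ha1}:{nonce}:{ha2}")


class HSS:
    def __init__(self, subscribers):            # impi -> K
        self.db = {impi: [k, 0] for impi, k in subscribers.items()}

    def mar(self, impi, n=5):                   # Steps I5/I6: MAR -> MAA with n AVs
        rec = self.db[impi]
        avs = [make_av(rec[0], rec[1] + i) for i in range(n)]
        rec[1] += n
        return avs


class SCSCF:
    def __init__(self, hss):
        self.hss, self.avs, self.pending = hss, {}, {}

    def challenge(self, impi):                  # Step I7: select AV[i], build 401
        if not self.avs.get(impi):
            self.avs[impi] = self.hss.mar(impi)
        av = self.avs[impi].pop(0)
        nonce = (av["RAND"] + av["AUTN"]).hex()
        self.pending[impi] = (av, nonce)
        return {"nonce": nonce, "RAND": av["RAND"], "AUTN": av["AUTN"],
                "CK": av["CK"], "IK": av["IK"]}

    def verify(self, impi, response):           # Steps I10-I12
        av, nonce = self.pending.pop(impi)
        expected = digest(av["XRES"].hex(), nonce, "REGISTER", impi)
        if not hmac.compare_digest(expected, response):
            return None                         # UE not authenticated: no 200 OK
        return {"rspauth": digest(av["XRES"].hex(), nonce, "", impi)}


class UE:
    def __init__(self, impi, k):
        self.impi, self.k, self.sqn_seen = impi, k, -1

    def respond(self, chal):                    # Step I9: verify AUTN, derive keys
        rand, autn = chal["RAND"], chal["AUTN"]
        sqn = struct.unpack(">Q", autn[:8])[0]
        mac = _f(self.k, b"f1", autn[:8], rand)[:8]
        if not hmac.compare_digest(mac, autn[8:]) or sqn <= self.sqn_seen:
            return None                         # bad MAC-A or replayed SQN: abort
        self.sqn_seen = sqn
        self.res = _f(self.k, b"f2", rand)[:8]
        self.ck, self.ik = _f(self.k, b"f3", rand)[:16], _f(self.k, b"f4", rand)[:16]
        self.nonce = chal["nonce"]
        return digest(self.res.hex(), self.nonce, "REGISTER", self.impi)

    def check_200ok(self, ok):                  # Step I12: UE checks rspauth
        return hmac.compare_digest(ok["rspauth"],
                                   digest(self.res.hex(), self.nonce, "", self.impi))


def run_ims_aka(ue, scscf):
    """One registration: (ue_authenticated, network_authenticated, keys_agree)."""
    chal = scscf.challenge(ue.impi)
    pcscf_keys = (chal.pop("CK"), chal.pop("IK"))     # Step I8: P-CSCF keeps CK/IK
    resp = ue.respond(chal)
    if resp is None:
        return (False, False, False)
    ok = scscf.verify(ue.impi, resp)
    if ok is None:
        return (False, True, False)
    return (True, ue.check_200ok(ok), (ue.ck, ue.ik) == pcscf_keys)


def demo():
    k, impi = bytes(range(16)), "001010123456789@" + REALM   # constructed subscriber
    scscf = SCSCF(HSS({impi: k}))
    good = run_ims_aka(UE(impi, k), scscf)
    wrong_key = run_ims_aka(UE(impi, bytes(16)), scscf)
    ue, chal = UE(impi, k), scscf.challenge(impi)
    chal.pop("CK"); chal.pop("IK")
    first = ue.respond(chal) is not None
    replay_rejected = ue.respond(dict(chal)) is None        # same 401 replayed to the UE
    return {"good": good, "wrong_key": wrong_key,
            "replay_of_401_rejected": first and replay_rejected}


if __name__ == "__main__":
    print(demo())
```

The three checks the UE and S-CSCF perform are the ones that matter for the mutual-authentication claim: the UE accepts a challenge only if MAC-A verifies and SQN is fresh, the S-CSCF accepts the REGISTER only if the digest computed with XRES matches, and the UE accepts the 200 OK only if rspauth was computed with the same XRES. The P-CSCF never sees RES, only CK and IK.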
III. PROPOSED IMPROVED ONE-PASS IMS AUTHENTICATION
In the proposed procedure the I-CSCF authenticates the UE in addition to assigning the requested server to the UE, as far as the authentication procedure is concerned. The overhead of authenticating the IMS user is transferred to the I-CSCF, whose role earlier was just to find the appropriate S-CSCF from the HSS and redirect the request from the P-CSCF to the S-CSCF. This concept was first presented by Chen et al. in [4]: the I-CSCF and the S-CSCF have the same Zb and Cx interfaces to the HSS and use the same Diameter protocol and, hence, share the same trust level with the HSS. Moreover, unlike IMS AKA, in the proposed procedure the random number RAND is supplied by the UE [1].

The Improved One-Pass IMS Authentication procedure (Figure 3) is as follows.

Step G1: The UE sends a SIP Register message with the values IMPI and a random number RAND, which is based on a timestamp TS and a random sequence number RSN (RAND is computed over TS || RSN). The message passes through the UMTS PS domain and the P-CSCF and arrives at the I-CSCF. The I-CSCF first checks whether TS is within the acceptable time window; if yes, it then checks whether RSN is larger than SNmax. If there is a replay attack, TS cannot be within the acceptable time window, and even if it were, the replayed RSN cannot be larger than SNmax, thereby preventing replay attacks [1]. The I-CSCF then stores RSN as the new SNmax for this IMPI.

Step G2: The I-CSCF sends the User Authorization Request (UAR) to the HSS to obtain the name of the S-CSCF that is serving the UE. The I-CSCF also sends a Multimedia Authorization Request (MAR) to the HSS to obtain IMSI_HSS(impi) and the AV array AV(1..n) for the IMPI.

Step G3: The HSS replies with the UAA (the name of the S-CSCF) and the MAA carrying IMSI_HSS(impi) and AV(1..n). The I-CSCF compares the IMSI derived from the IMPI with IMSI_HSS(impi) to authenticate the UE. If AV(1..n) for this IMPI already exist at the I-CSCF, then only the User Authorization Request (UAR) and User Authorization Answer (UAA) messages are exchanged between the I-CSCF and the HSS in Step G2 and Step G3, to obtain the name of the S-CSCF that is serving the UE.

Step G4: Once the I-CSCF identifies the address of the S-CSCF, it forwards the Register Authorization message to the S-CSCF containing an unused array from AV(1..n).

Step G5 & G6: After receiving the Register Authorization message in the previous step, the S-CSCF sends a SAR message to the HSS to inform it which S-CSCF will serve the UE. The HSS then stores the name of the S-CSCF and sends back a SAA message as a response to the S-CSCF.

Step G7: The S-CSCF selects one unused array AV(i) from AV(1..n) and sends a 200 OK message with the parameter values IMPI, RAND(i), XRES(i), CK(i) & IK(i) to the P-CSCF.

Step G8: The P-CSCF keeps CK(i) & IK(i) and then forwards the 200 OK message with the parameters IMPI, RAND(i), XRES(i) to the UE. The UE computes RES(i), CK(i) & IK(i) using the same functions described in Step G3 from [11] and then checks whether RES(i) = XRES(i) to authenticate the S-CSCF. If so, the registration is complete & a Security Association (SA) is created between the UE and the P-CSCF.

The proposed procedure requires a smaller number of messages for correctly authenticating the UE in the IMS domain, thereby decreasing the message delivery cost, and preserves both mutual authentication and key agreement as desired.

Figure 3. Proposed Improved One-Pass IMS Authentication
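The security-relevant part of the one-pass procedure is what the I-CSCF does in Steps G1 to G3 before any AV is handed to the S-CSCF: the freshness check on (TS, RSN), the IMSI-from-IMPI comparison against IMSI_HSS(impi), and the decision whether MAR/MAA is needed at all. The following is an added example written for this page, not the paper's code or a 3GPP implementation. It assumes the IMPI has the 3GPP TS 23.003 form "<IMSI>@ims.mnc<MNC>.mcc<MCC>.3gppnetwork.org" so that the IMSI can be derived from it, that RAND carries TS (uint32 seconds) || RSN (uint32) followed by 8 random bytes (an encoding the paper does not fix), a 30-second window, and an in-memory dict standing in for the HSS.

```python
"""I-CSCF checks of Steps G1-G3 of the proposed one-pass procedure.

Added example, not the paper's code. Assumptions: IMPI = IMSI@ims.mncNNN.
mccMMM.3gppnetwork.org (TS 23.003); RAND = TS || RSN || 8 random bytes;
WINDOW_SECONDS = 30; the HSS is a dict impi -> {"imsi", "scscf", "avs"}.
"""
import os
import re
import struct

WINDOW_SECONDS = 30                      # acceptable time window (assumed value)
IMPI_RE = re.compile(r"^(\d{15})@ims\.mnc(\d{3})\.mcc(\d{3})\.3gppnetwork\.org$")


def imsi_from_impi(impi: str):
    """Derive the IMSI from the IMPI, or None if the IMPI is malformed or the
    domain's MCC/MNC disagree with the IMSI prefix (2-digit MNCs are zero-padded)."""
    m = IMPI_RE.match(impi)
    if not m:
        return None
    imsi, mnc, mcc = m.groups()
    if imsi[:3] != mcc:
        return None
    if imsi[3:6] != mnc and not (mnc[0] == "0" and imsi[3:5] == mnc[1:]):
        return None
    return imsi


def make_rand(ts: int, rsn: int) -> bytes:
    """UE side of Step G1: RAND = TS || RSN || nonce (assumed layout)."""
    return struct.pack(">II", ts, rsn) + os.urandom(8)


class ICSCF:
    def __init__(self, hss, clock):
        self.hss = hss          # stand-in for the Cx (UAR/MAR) lookups
        self.clock = clock      # injected so tests can control the time
        self.snmax = {}         # impi -> largest RSN accepted so far
        self.avs = {}           # impi -> cached AV(1..n)

    def register(self, impi: str, rand: bytes):
        """Step G1-G3 checks. Returns (accepted, detail, hss_messages), where
        detail is the serving S-CSCF on success, else the rejection reason."""
        ts, rsn = struct.unpack(">II", rand[:8])
        if abs(self.clock() - ts) > WINDOW_SECONDS:
            return False, "TS outside acceptable window", 0
        if rsn <= self.snmax.get(impi, -1):
            return False, "RSN not larger than SNmax (replay)", 0
        imsi = imsi_from_impi(impi)
        if imsi is None:
            return False, "malformed IMPI", 0
        rec = self.hss.get(impi)
        if rec is None:
            return False, "unknown IMPI", 2           # UAR/UAA still exchanged
        msgs = 2                                       # Steps G2/G3: UAR/UAA
        if not self.avs.get(impi):                     # no AV array cached: MAR/MAA too
            self.avs[impi] = list(rec["avs"])
            msgs += 2
        if rec["imsi"] != imsi:
            return False, "IMSI does not match IMSI_HSS(impi)", msgs
        # SNmax is advanced only after every check passed, so a forged Register
        # cannot burn sequence numbers for the legitimate subscriber.
        self.snmax[impi] = rsn
        self.avs[impi].pop(0)                          # AV forwarded to the S-CSCF in Step G4
        return True, rec["scscf"], msgs


def demo():
    """Constructed subscriber records and a sequence of Register attempts."""
    impi = "001010123456789@ims.mnc001.mcc001.3gppnetwork.org"
    hss = {impi: {"imsi": "001010123456789", "scscf": "scscf1.example",
                  "avs": [b"AV1", b"AV2", b"AV3"]}}
    now = [1_700_000_000]
    icscf = ICSCF(hss, lambda: now[0])
    out = {}
    r1 = make_rand(now[0], 10)
    out["fresh"] = icscf.register(impi, r1)                         # UAR/UAA + MAR/MAA
    out["replay"] = icscf.register(impi, r1)                        # same RAND replayed
    out["lower_rsn"] = icscf.register(impi, make_rand(now[0], 9))
    out["stale_ts"] = icscf.register(impi, make_rand(now[0] - 120, 11))
    out["next"] = icscf.register(impi, make_rand(now[0] + 5, 11))   # AVs cached: UAR/UAA only
    bad = "001019999999999@ims.mnc001.mcc001.3gppnetwork.org"
    hss[bad] = {"imsi": "001010123456789", "scscf": "scscf1.example", "avs": [b"AV"]}
    out["imsi_mismatch"] = icscf.register(bad, make_rand(now[0], 1))
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:14s} {result}")
```

The message counts returned by register() are the ones Section IV charges at cost a: four HSS messages when the AV array must be fetched and two when it is cached, which is why the proposed procedure's cost is the same 2 + 4a in both cases once the two UE-side messages are added.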
IV. PERFORMANCE ANALYSIS

The performance of the proposed IMS authentication procedure is evaluated in terms of message delivery cost and improvement over IMS AKA.

A. Message Delivery Cost

The performance of an authentication method is measured in terms of the number of messages required for authentication, i.e. the message delivery cost. For the evaluation of the proposed method we adopt the assumptions suggested by Lin et al. in [3].

Assumptions: The delivery cost from the UE to the S-CSCF is one unit. The cost between a CSCF and the HSS/another CSCF is a unit, with a < 1.

If the I-CSCF does not have a valid AV, the delivery cost CG1 of the proposed authentication method can be expressed as:

CG1 = 2 + 4a    (1)

Messages in Steps G1 and G4, and in Steps G7 and G8, are considered as one message each, and since both of them are between the UE and a CSCF they cost 1 unit each [3]. Messages in Steps G2, G3, G5 and G6 are considered as four independent messages with message delivery cost a unit each, as they are between a CSCF and the HSS/another CSCF.

If the I-CSCF does have a valid AV, the delivery cost CG2 of the proposed authentication method can be expressed as:

CG2 = 2 + 4a    (2)

It contains the same set of messages as described in Fig. 3 (Steps G2 and G3 then carry only the UAR/UAA pair). Thus, in either case the message delivery cost for the proposed method is the same.

TABLE I. MESSAGE DELIVERY COST

Method              No AV issued previously    With n AV previously issued
IMS AKA (CI)        4 + 6a                     4 + 4a
Long et al. (CL)    2 + 6a                     2 + 4a
Proposed (CG)       2 + 4a                     2 + 4a

We can also calculate the Average Message Delivery Cost CG for the proposed method using the formula proposed by Lin et al. in [3], which averages over n authentications of which one fetches the AV array:

CG = [CG1 + (n - 1) CG2] / n    (3)
   = 2 + 4a    (4)

The comparison of the average message delivery cost for IMS AKA, Long et al. [1] and the proposed method is shown in Table II.

TABLE II. AVERAGE MESSAGE DELIVERY COST

IMS AKA (CI)        4 + (4 + 2/n)a
Long et al. (CL)    2 + (4 + 2/n)a
Proposed (CG)       2 + 4a

We can clearly observe that CI > CL > CG. Hence, there is a reduction in the Average Message Delivery Cost in the proposed method as compared to the IMS AKA authentication procedure.

B. Improvement over IMS AKA

We compare the improvement of the proposed method and of the one proposed by Long et al. [1] over IMS AKA, using the improvement measure of Lin et al. [3]. Writing the average costs of Table II as n·CI = 2(1+a)m + xa, n·CL = (1+2a)m + xa and n·CG = (1+2a)m, with m = 2n and x = 2, the improvement SG of the proposed method is

SG = (CI - CG) / CI    (5)
   = (m + xa) / (2(1+a)m + xa)    (6)

Similarly, we can show the improvement SL of Long et al.'s method, SL = (CI - CL) / CI = m / (2(1+a)m + xa). Substituting m = 2n and x = 2 gives

SL = n / (2n + (2n+1)a)    (7)

SG = (n + a) / (2n + (2n+1)a)    (8)

TABLE III. IMPROVEMENT OVER IMS AKA

Long et al. (SL)    m / (2(1+a)m + xa)
Proposed (SG)       (m + xa) / (2(1+a)m + xa)

Since SL < SG, there is more improvement in the proposed method over IMS AKA compared to the method proposed by Long et al. [1]. Figure 4 plots the improvement achieved by the proposed procedure over IMS AKA for different values of n and a.

Figure 5. Comparison of the message delivery cost improvement of the proposed authentication procedure and Long et al.'s procedure.
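The cost figures above are easy to check by counting messages rather than trusting the closed forms. The following is an added example written for this page, not the paper's own analysis code: each procedure is described by the number of UE-to-CSCF messages (cost 1) and CSCF-to-HSS/CSCF messages (cost a) the paper counts, with and without a cached AV array, and the script verifies exactly (with rational arithmetic) that the averaged costs and improvement ratios reproduce equations (1) to (8) and Tables I to III, including the substitution m = 2n, x = 2 that maps Table II onto the general forms of Table III.

```python
"""Message delivery cost model of Section IV, recomputed from message counts.

Added example, not from the paper. Costs follow the assumptions of Lin et
al. [3] as used in the paper: UE<->CSCF messages cost 1, CSCF<->HSS or
CSCF<->CSCF messages cost a, and one of every n registrations fetches AVs.
"""
from fractions import Fraction as Fr

# (ue_messages, hss_messages_without_cached_av, hss_messages_with_cached_av)
IMS_AKA = (4, 6, 4)     # Register, 401, digest response, 200 OK; UAR/UAA, MAR/MAA, SAR/SAA
LONG = (2, 6, 4)        # Long et al. [1]: one pass, same HSS traffic as IMS AKA
PROPOSED = (2, 4, 4)    # Steps G1/G4 and G7/G8; Steps G2, G3, G5, G6


def cost(proc, a, av_cached):
    """Delivery cost of one registration (Table I)."""
    ue, hss_fetch, hss_cached = proc
    return ue + (hss_cached if av_cached else hss_fetch) * a


def average_cost(proc, a, n):
    """Average over n registrations, one of which fetches the AV array (eq. 3)."""
    return (cost(proc, a, False) + (n - 1) * cost(proc, a, True)) / n


def improvement(proc, a, n):
    """Relative reduction of the average cost against IMS AKA (eq. 5)."""
    ci = average_cost(IMS_AKA, a, n)
    return (ci - average_cost(proc, a, n)) / ci


def improvement_general(m, x, a, with_xa_term):
    """Table III forms: SL = m/(2(1+a)m+xa), SG = (m+xa)/(2(1+a)m+xa)."""
    return (m + (x * a if with_xa_term else 0)) / (2 * (1 + a) * m + x * a)


def check_closed_forms(a, n):
    """True when the counted costs reproduce equations (1)-(8) for these a, n."""
    a, n = Fr(a), Fr(n)
    m, x = 2 * n, Fr(2)            # substitution that maps Table II onto Table III
    return all([
        cost(PROPOSED, a, False) == 2 + 4 * a,                              # (1)
        cost(PROPOSED, a, True) == 2 + 4 * a,                               # (2)
        average_cost(IMS_AKA, a, n) == 4 + (4 + 2 / n) * a,                 # Table II
        average_cost(LONG, a, n) == 2 + (4 + 2 / n) * a,
        average_cost(PROPOSED, a, n) == 2 + 4 * a,                          # (3), (4)
        improvement(LONG, a, n) == n / (2 * n + (2 * n + 1) * a),           # (7)
        improvement(PROPOSED, a, n) == (n + a) / (2 * n + (2 * n + 1) * a), # (8)
        improvement(LONG, a, n) == improvement_general(m, x, a, False),     # Table III
        improvement(PROPOSED, a, n) == improvement_general(m, x, a, True),  # (6)
        improvement(LONG, a, n) < improvement(PROPOSED, a, n),              # SL < SG
    ])


def demo():
    """Average costs and the closed-form check for a few (a, n) pairs."""
    return {(str(a), n): (float(average_cost(IMS_AKA, a, n)),
                          float(average_cost(LONG, a, n)),
                          float(average_cost(PROPOSED, a, n)),
                          check_closed_forms(a, n))
            for a in (Fr(1, 4), Fr(1, 2)) for n in (1, 5, 10)}


if __name__ == "__main__":
    for key, row in demo().items():
        print(key, row)
```

Changing the three tuples is enough to evaluate another procedure under the same cost model; the check function will then tell you whether the paper's closed forms still apply.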
V. CONCLUSION

The proposed improved one-pass IMS authentication procedure shows a reduction in the message delivery cost during IMS authentication. It also shows an improvement over previous methods and reduces the time for authentication, as desired. In fact, the message delivery cost is reduced and not only matches the method proposed by Lin et al. in [3] but also overcomes its security deficiencies with mutual authentication and key agreement, as expected from an IMS authentication procedure.
REFERENCES

[1] Xuelian Long, James Joshi, "Enhanced One-Pass IP Multimedia Subsystem Authentication Protocol for UMTS", IEEE International Conference on Communications (ICC), May 2010.
[2] Chung-Ming Huang, Jian-Wei Li, "One-Pass Authentication and Key Agreement in IP Multimedia Subsystem for UMTS", IEEE 21st International Conference on Advanced Information Networking and Applications (AINA'07), May 2007.
[3] Yi-Bing Lin, Ming-Feng Chang, Meng-Ta Hsu, Lin-Yi Wu, "One-Pass GPRS and IMS Authentication Procedure for UMTS", IEEE Journal on Selected Areas in Communications, June 2005.
[4] Guangquan Chen, Mei Song, Junde Song, Wenjing Ma, "Improved Authentication and Key Agreement Procedure in IP Multimedia Subsystem for UMTS", IEEE International Conference on MultiMedia and Information Technology, 2008.
[5] J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson,
[8]
[9]
[10] Jon Robert Dohmen, Lars Sømo Olaussen, "UMTS Authentication and Key Agreement", Agder University College, Norway, May 2001.
[11] 3GPP, 3rd Generation Partnership Project; Technical Specification Group Services and Systems Aspects; Network architecture (Release 9), Tech. Spec. 3G TS 23.002 V9.0.0 (2009-06), 2009.