For im services a new security association is

Info icon This preview shows pages 23–25. Sign up to view the full content.

View Full Document Right Arrow Icon
For IM-services a new security association is required between the UE and the IMS before access is granted to IM- services. The mechanism for mutual authentication in UMTS/LTE is called UMTS/EPS AKA. They are challenge response protocols and the AuC/HSS in the Home Stratum derives the challenge. A Quintet containing the challenge is sent from the Home Stratum to the Serving Network. The Quintet contains the expected response XRES and also a message authentication code MAC. The Serving Network compares the response from the UE with the XRES and if they match 3GPP 3GPP TS 33.203 V12.67.0 (2014-0609) 23 Release 12
Image of page 23

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
the UE has been authenticated. The UE calculates an expected MAC, XMAC, and compares this with the received MAC and if they match the UE has authenticated the Serving Network. The AKA-protocol is a secure protocol developed for UMTS and the same concept/principles is reused for the IP Multimedia Core Network Subsystem, where it is called IMS AKA. NOTE: Although the method of calculating the parameters in UTMS AKA and IMS AKA are identical, the parameters are transported in slightly different ways. In UMTS, the UE’s response RES is sent in the clear, while in IMS RES is not sent in the clear but combined with other parameters to form an authentication response and the authentication response is sent to the network (as described in RFC 3310 [17]). The Home Network authenticates the subscriber at anytime via the registration or re-registration procedures. 5.1.2 Re-Authentication of the subscriber Initial registration shall always be authenticated. It is the policy of the operator that decides when to trigger a re- authentication by the S-CSCF. Hence a re-registration might not need to be authenticated. A SIP REGISTER message, which has not been integrity protected at the first hop, shall be considered as initial registration. The S-CSCF shall also be able to initiate an authenticated re-registration of a user at any time, independent of previous registrations. 5.1.3 Confidentiality protection Possibility for IMS specific confidentiality protection shall be provided to SIP signalling messages between the UE and the P-CSCF. Operators shall take care that the deployed confidentiality protection solution and roaming agreements fulfils the confidentiality requirements presented in the local privacy legislation. The following mechanisms are provided at SIP layer: 1. The UE shall always offer encryption algorithms for P-CSCF to be used for the session, as specified in clause 7. 2. The P-CSCF shall decide whether the IMS specific encryption mechanism is used. If used, the UE and the P-CSCF shall agree on security associations, which include the encryption key that shall be used for the confidentiality protection. The mechanism is based on IMS AKA and specified in clause 6.1.
Image of page 24
Image of page 25
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern