CN1239009C - Quick abstract identification method for IP multimedia domain user's call - Google Patents
Quick abstract identification method for IP multimedia domain user's call
- Publication number: CN1239009C (application CN 02125985)
- Authority: CN (China)
- Prior art keywords: user, value, verifier, user terminal, multimedia domain
- Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Description
Technical field
The present invention relates to the field of secure and confidential communications, and in particular to the access security mechanism of the IP multimedia domain (IM) in third-generation (3G) mobile communication networks.
Background
In a 3G network the IM access security mechanism mainly comprises: confidentiality of the user identity, using IM public identities and IM over-the-air protection; user authentication at registration or re-registration, using the SIP Authentication and Key Agreement (SIP AKA) mechanism; and protection of Session Initiation Protocol (SIP) signalling, providing data confidentiality and integrity, which relies on the Cryptographic Message Syntax (CMS) mechanism and the Network Domain Security/IP (NDS/IP) mechanism, among others.
Referring to Figure 1, which shows the access security mechanism of the IP multimedia domain in a 3G network. The Call State Control Function (CSCF) takes the following functional forms: the Proxy CSCF (P-CSCF) 102, the Interrogating CSCF (I-CSCF) 103 and the Serving CSCF (S-CSCF) 104.
The P-CSCF 102 is the first point of contact of the user equipment (UE) 101 in the IM subsystem; its address is obtained by the UE after context activation. The P-CSCF 102 acts as a proxy and is responsible for forwarding SIP requests from the UE 101 to the I-CSCF 103, authorising bearer resources and managing QoS, handling security matters, supporting emergency calls in the visited network, and monitoring and logging the calls of roaming users. The S-CSCF 104 performs session control for the endpoints and maintains session state as the service requires. The I-CSCF 103 is chiefly the point of contact for all connections of users within an operator's network; one operator network area may contain several I-CSCFs. Its basic functions are: assigning an S-CSCF to a user performing registration; routing SIP requests arriving from another network to the S-CSCF; obtaining the address of the S-CSCF from the home location server (HSS); and forwarding SIP requests and responses.
Between the UE 101 and the P-CSCF 102 the protection mechanism follows the 3GPP specifications and uses CMS, realising IM over-the-air protection; between the P-CSCF 102, I-CSCF 103 and S-CSCF 104 the NDS/IP mechanism, that is, IPsec ESP, is used; between the UE 101 and the S-CSCF 104, user authentication at IM user registration or re-registration uses the SIP AKA mechanism, which provides user authentication and key distribution.
Referring to Figure 2, which shows the user authentication flow for registration or re-registration. With the SIP AKA mechanism, user authentication at registration or re-registration comprises authentication of the user and distribution of the keys used by the P-CSCF. The specific procedure is as follows:
1. The UE in the visited network sends a registration request to the P-CSCF;
2. The P-CSCF relays the registration request to the I-CSCF in the home network;
3. The I-CSCF sends a key query message to the HSS;
4. The HSS returns a key query response to the I-CSCF;
5. The I-CSCF sends a key selection pull message to the HSS;
6. The HSS returns a key selection pull response to the I-CSCF;
7. After assigning an S-CSCF to the user performing registration, the I-CSCF sends the registration request to the S-CSCF;
8. The S-CSCF sends a key put message to the HSS;
9. The HSS returns a key put response to the S-CSCF;
10. The S-CSCF sends a key authentication data request to the HSS;
11. After selecting an authentication vector (AV), the HSS returns a key authentication data response to the S-CSCF carrying the random challenge (RAND), authentication token (AUTN), expected response (XRES), integrity key (IK) and cipher key (CK) parameters;
12. If authentication is unsuccessful, the S-CSCF returns a 401 Unauthorized message to the I-CSCF carrying the RAND, AUTN, IK and CK parameters;
13. The I-CSCF returns the 401 Unauthorized message to the P-CSCF;
14. The P-CSCF returns a 401 Unauthorized message to the UE carrying the RAND and AUTN parameters;
15. The UE sends a re-registration request to the P-CSCF carrying the response (RES) parameter;
16. The P-CSCF relays the request to the I-CSCF;
17. The I-CSCF sends a key query message to the HSS;
18. The HSS returns a key query response to the I-CSCF;
19. The I-CSCF sends the registration request, carrying the RES parameter, to the S-CSCF;
20. After receiving the registration request and performing authentication, the S-CSCF sends a key pull message to the HSS;
21. The HSS returns a key pull response to the S-CSCF;
22. The S-CSCF returns an authorization success message to the I-CSCF;
23. The I-CSCF relays the authorization success message to the P-CSCF;
24. The P-CSCF relays the authorization success message to the UE.
As this procedure shows, user authentication at registration or re-registration under the SIP AKA mechanism is complex: two round trips are needed, one for steps 1 to 14 and one for steps 15 to 24.
Referring to Figure 3, which shows the SIP call flow. Where no effective user authentication mechanism is available, protection of SIP signalling, relying on the CMS and NDS/IP mechanisms, can be used to realise part of the authentication function. This approach requires extending the SIP standard, and because NDS/IP is a network-layer mechanism applied hop by hop (some network segments may provide no encryption, or some segments may offer no security protection in the early stage of network construction), security cannot be reliably guaranteed. The specific call flow is as follows:
1. The UE sends an INVITE request to the P-CSCF;
2. The P-CSCF forwards the request to the S-CSCF;
3. The S-CSCF performs service control;
4. The S-CSCF sends the INVITE request to the other network;
5. The network receiving the INVITE request returns the session description protocol (SDP) to the S-CSCF;
6. The S-CSCF relays the SDP and returns it to the P-CSCF;
7. The P-CSCF authorises quality of service (QoS) resources;
8. The P-CSCF returns the SDP to the UE.
The SIP protocol itself provides some identity authentication functions, including the basic authentication mechanism, the digest authentication mechanism and the PGP (Pretty Good Privacy) authentication mechanism. Basic authentication is very simple: the user ID and password are transmitted in plain text, so its security is very low. Digest authentication is an improvement on basic authentication: the user ID and password are first processed with a hash function and only then transmitted, which improves security. The PGP scheme is more secure still, but more complex to implement.
In the SIP call flow, steps 1 and 2 include digest authentication. Referring to Figure 4, which is a schematic diagram of the digest authentication mechanism. This method needs three steps to authenticate the user, as follows: the user first sends the verifier a request to access a uniform resource identifier (URI); the verifier generates a challenge, namely the nonce value, and sends it to the user; the user returns an answer, the checksum, to the verifier. Here the nonce is a data string chosen by the verifier, generated as a unique value each time a 401 response is produced, and encoded as BASE64 or hexadecimal data. The purpose of the nonce is to prevent replay attacks, that is, to prevent an attacker from replaying intercepted messages. The checksum is the value obtained by applying the hash function MD5 to the user name, the password, the given nonce value, the Hypertext Transfer Protocol (HTTP) method and the requested URI. MD5 is the Message Digest 5 algorithm, which processes its input in 512-bit blocks.
As the digest authentication steps above show, because three steps are needed to complete digest authentication, authentication in the SIP call flow takes a relatively long time.
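As an added illustration that is not part of the patent, the following Python models the three-step digest exchange just described: the verifier issues a fresh nonce with each 401 and accepts it at most once, and the user answers with the checksum. The checksum is computed in the RFC 2617 form (HA1 over user name, realm and password; HA2 over method and URI; response over HA1, nonce and HA2), which is an assumption, since the description names only the inputs. The realm, user, password and nonce are constructed.

```python
import hashlib
import hmac
import secrets


def md5_hex(s: str) -> str:
    # MD5 because the description specifies it; it is not a recommendation.
    return hashlib.md5(s.encode("utf-8")).hexdigest()


def digest_response(username: str, realm: str, password: str,
                    nonce: str, method: str, uri: str) -> str:
    """Checksum over user name, password, nonce, method and URI.
    RFC 2617 layout without qop (assumed; the patent names only the inputs)."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")


class DigestVerifier:
    """Verifier side of the three-step exchange."""

    def __init__(self, realm: str, credentials: dict):
        self.realm = realm
        self.credentials = credentials      # constructed user name -> password store
        self.outstanding = set()            # nonces issued and not yet consumed

    def challenge(self, nonce=None) -> str:
        """Step 2: the 401 challenge. One unique hex nonce per 401 (injectable for tests)."""
        nonce = nonce or secrets.token_hex(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, username: str, nonce: str, method: str, uri: str, response: str) -> bool:
        """Step 3: check the answer. A nonce the verifier never issued, or has already
        consumed, is refused; this single-use rule is what defeats a replayed message."""
        if nonce not in self.outstanding:
            return False
        self.outstanding.discard(nonce)     # consumed even if the checksum below is wrong
        password = self.credentials.get(username)
        if password is None:
            return False
        expected = digest_response(username, self.realm, password, nonce, method, uri)
        return hmac.compare_digest(expected, response)


def run_exchange(nonce: str = "0123456789abcdef0123456789abcdef") -> dict:
    """The three messages with constructed data, then a replay of message 3."""
    server = DigestVerifier("ims.example", {"alice": "constructed-password"})
    # 1. the user asks for the URI without credentials; 2. the verifier answers 401 + nonce
    issued = server.challenge(nonce)
    # 3. the user answers with the checksum
    uri = "sip:bob@ims.example"
    answer = digest_response("alice", "ims.example", "constructed-password", issued, "INVITE", uri)
    first = server.verify("alice", issued, "INVITE", uri, answer)
    replay = server.verify("alice", issued, "INVITE", uri, answer)   # same message again
    bad_password = digest_response("alice", "ims.example", "wrong", server.challenge("ffff"), "INVITE", uri)
    return {
        "first": first,
        "replay": replay,
        "wrong_password": server.verify("alice", "ffff", "INVITE", uri, bad_password),
        "nonce_unique": server.challenge() != server.challenge(),
    }
```

Message 3 is accepted once and refused when presented again, because the verifier chose the nonce and knows whether it is still outstanding; the fast scheme described later moves nonce generation to the UE and so has to obtain the same property from a time window instead.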
Summary of the invention
The object of the present invention is to provide a method for fast digest authentication of user calls in the IP multimedia domain (IM), reducing the three steps of the original digest authentication method to two and so speeding up authentication.
The present invention is realised through the following technical solution:
A method for fast digest authentication of user calls in the IP multimedia domain, characterised in that the method comprises at least the following steps:
A) The user terminal sends the verifier a call request carrying a user-terminal nonce value and a user-terminal response value, both generated by the user terminal. The user-terminal nonce value is determined from the sending timestamp together with the value obtained by applying a hash function to the string formed from the sending timestamp, the multimedia-domain user public identity number and the multimedia-domain user private identity number; the user-terminal response value is the value obtained by applying a hash function to the string formed from the user-terminal nonce value, the multimedia-domain user public identity number and the uniform resource identifier;
B) The verifier judges whether the interval between the receiving timestamp at which the call request reaches the verifier and the sending timestamp at which the user terminal sent it exceeds a predetermined delay; if it does, step D is executed, otherwise step C. The receiving and sending timestamps are taken from standard Greenwich Mean Time;
C) The verifier looks up the user information by the IP multimedia-domain user public identity number and, having obtained the multimedia-domain user private identity number, generates the verifier nonce value and then the verifier response value, and compares the verifier response value with the received user-terminal response value. If they are equal, the user identity of the call request is verified; otherwise step D is executed. The verifier nonce value is determined from the receiving timestamp together with the value obtained by applying a hash function to the string formed from the receiving timestamp, the multimedia-domain user public identity number and the multimedia-domain user private identity number; the verifier response value is the value obtained by applying a hash function to the string formed from the verifier nonce value, the multimedia-domain user public identity number and the uniform resource identifier;
D) The verifier discards the call request and returns an unauthorized message to the user.
Preferably, the user-terminal nonce value is the concatenation of the sending timestamp with the value obtained by applying the hash function MD5 to the string sending timestamp:multimedia-domain user public identity number:multimedia-domain user private identity number;
and the verifier nonce value is the concatenation of the receiving timestamp with the value obtained by applying the hash function MD5 to the string sending timestamp:multimedia-domain user public identity number:multimedia-domain user private identity number.
The user-terminal nonce value and the verifier nonce value are BASE64 encoded.
Preferably, the hash function used for the user-terminal response value is MD5;
and the hash function used for the verifier response value is MD5.
The permitted delay is limited to the time within which the user and the system remain synchronised.
The verifier is the serving call state control function entity.
The present invention has the UE generate the Nonce and Response values, changing the generation of the Nonce value of the digest authentication method so that the user generates it by the standard time method, and performs user authentication by a delay-based check. This turns the three steps of the original digest authentication method into two and needs no cumbersome checksum calculation; it avoids the complex call procedure of the SIP AKA mechanism, simplifies the digest authentication of IP multimedia-domain user calls, speeds up authentication, and is suited to the simple authentication of user calls over a long period.
Brief description of the drawings
Figure 1 is a schematic diagram of the 3G IP multimedia (IM) access security mechanism;
Figure 2 shows the user authentication flow for registration or re-registration;
Figure 3 shows the SIP call flow;
Figure 4 is a schematic diagram of the prior-art digest authentication method;
Figure 5 shows the user call authentication flow of the fast digest authentication method of the present invention.
Detailed description
To make the objects, technical solution and advantages of the present invention clearer, the invention is described in further detail below with reference to the accompanying drawings and an embodiment.
The method proposed by the present invention for fast digest authentication of user calls in the IP multimedia domain (IM) is in essence a simplified digest authentication method.
Referring to Figure 5, which shows the user call authentication flow of the fast digest authentication method of the present invention. The authentication flow is described as follows:
1. The UE generates a call request (INVITE) and passes it to the P-CSCF; the parameters carried in the request include the UE-side Nonce value and the UE-side Response value, calculated as follows:
① Generation of the Nonce value: the Nonce value is BASE64 encoded. Nonce = timestamp ‖ MD5(timestamp ":" IM user public identity number ":" IM user private identity number); that is, the Nonce value is the concatenation of the timestamp with the value obtained by applying MD5 to the string timestamp:IM user public identity number:IM user private identity number. The timestamp must be taken from standard Greenwich Mean Time and is the sending timestamp of the INVITE request sent by the UE; this yields the UE-side Nonce value.
② Generation of the Response value: Response is the value obtained by applying MD5 to the IM user public identity number (IMPU), the Nonce value and the requested URI, that is, Response = MD5(Nonce ":" IMPU ":" URI), where Nonce is the UE-side Nonce value; this yields the UE-side Response value.
2. The P-CSCF forwards the INVITE request to the S-CSCF; the request still carries the UE-side Nonce value and the UE-side Response value;
3. On receiving the INVITE message, the S-CSCF performs user authentication: if authentication succeeds, continue with step 4; otherwise go to step 10. The authentication procedure is as follows:
After receiving the INVITE request, the S-CSCF first checks whether the interval between the request's receiving timestamp and its sending timestamp exceeds the specified delay, for example 5 seconds. If it does, the INVITE request is discarded. If not, the S-CSCF looks up the user information by the IMPU transmitted by the UE, obtains the IM user private identity number and other information, and generates the verifier Nonce value as Nonce = timestamp ‖ MD5(timestamp ":" IM user public identity number ":" IM user private identity number), where the timestamp is the receiving timestamp taken from standard Greenwich Mean Time. It then produces the expected verifier Response as Response = MD5(Nonce ":" IMPU ":" URI), where Nonce is the verifier Nonce value just generated, and compares this verifier Response with the UE-side Response carried in the received INVITE request. If they are equal, the user identity of the INVITE message is verified and step 4 is executed; otherwise the INVITE request is discarded and step 10 is executed: the S-CSCF returns a 401 Unauthorized message to the P-CSCF, and in step 11 the P-CSCF forwards the 401 Unauthorized message to the UE, that is, authentication fails and the call fails.
4. The S-CSCF performs service control;
5. The S-CSCF forwards the INVITE request on to the other network;
6. The other network passes the SDP message to the S-CSCF;
7. The S-CSCF passes the SDP message to the P-CSCF;
8. The P-CSCF authorises QoS resources;
9. The P-CSCF forwards the SDP message to the UE, which completes an authenticated call.
As can be seen from the above, the basic difference between the fast digest authentication method of the present invention and the prior-art digest authentication method is that the Nonce is generated by a different entity and user authentication relies on a delay-based check, so security must be ensured by controlling the delay. With a delay of 0 the two are equally secure; the larger the delay, the greater the possibility that a message is resent, and so the security of the fast digest authentication scheme falls below that of the digest authentication scheme. The delay between the receiving and sending timestamps must therefore be limited, and the clocks of the IM user and the system kept synchronised or consistent.
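The following Python example is added here and is not code from the patent. It implements claim steps A to D and the Figure 5 flow: the UE builds Nonce and Response as in step 1, and the S-CSCF applies the delay check of step B and the recomputation of step C, with MD5 because the patent specifies it. The identities, the subscriber store, the 14-digit GMT timestamp layout and the 5-second window are constructed or assumed. Two points depart from the text and are marked in the code: the verifier recomputes its Nonce from the sending timestamp it reads out of the received Nonce rather than from the receiving timestamp, so that the two hashes agree throughout the window; and an optional set of recently seen Nonces is kept, which refuses a second copy of the same INVITE inside the window, the residual exposure the paragraph above describes.

```python
import base64
import hashlib
import hmac
from datetime import datetime, timedelta, timezone
from typing import Optional, Tuple

# Assumed timestamp layout: 14-digit GMT string; the patent only says "standard GMT".
TS_FORMAT = "%Y%m%d%H%M%S"
TS_LEN = 14
MAX_DELAY = timedelta(seconds=5)          # the delay the description gives as its example

# Constructed subscriber store at the verifier (S-CSCF): IMPU -> IMPI. Hypothetical identities.
SUBSCRIBERS = {"sip:alice@ims.example": "alice@ims.example"}


def md5_hex(s: str) -> str:
    # MD5 because the patent specifies it; it is not a recommendation.
    return hashlib.md5(s.encode("utf-8")).hexdigest()


def make_nonce(send_time: datetime, impu: str, impi: str) -> str:
    """Step 1 (1): Nonce = timestamp || MD5(timestamp ':' IMPU ':' IMPI), BASE64-encoded."""
    ts = send_time.strftime(TS_FORMAT)
    raw = ts + md5_hex(f"{ts}:{impu}:{impi}")
    return base64.b64encode(raw.encode("ascii")).decode("ascii")


def make_response(nonce: str, impu: str, uri: str) -> str:
    """Step 1 (2): Response = MD5(Nonce ':' IMPU ':' URI)."""
    return md5_hex(f"{nonce}:{impu}:{uri}")


def ue_build_invite(send_time: datetime, impu: str, impi: str, uri: str) -> dict:
    """UE side: the INVITE carries IMPU, request URI, Nonce and Response."""
    nonce = make_nonce(send_time, impu, impi)
    return {"impu": impu, "uri": uri, "nonce": nonce,
            "response": make_response(nonce, impu, uri)}


def scscf_verify(invite: dict, receive_time: datetime,
                 seen_nonces: Optional[set] = None) -> Tuple[bool, str]:
    """Verifier side (claim steps B, C and D). Returns (accepted, reason)."""
    try:
        raw = base64.b64decode(invite["nonce"], validate=True).decode("ascii")
        send_time = datetime.strptime(raw[:TS_LEN], TS_FORMAT).replace(tzinfo=timezone.utc)
    except (KeyError, ValueError):
        return False, "malformed nonce"
    # Step B: the interval between receiving and sending timestamps must not exceed the
    # permitted delay; a sending timestamp in the future is refused the same way.
    if not timedelta(0) <= receive_time - send_time <= MAX_DELAY:
        return False, "timestamp outside permitted delay"
    # Step C: look up the IMPI by IMPU and recompute Nonce and Response. The recomputation
    # uses the sending timestamp read from the received Nonce (an assumption of this example;
    # the description uses the receiving timestamp here).
    impi = SUBSCRIBERS.get(invite["impu"])
    if impi is None:
        return False, "unknown IMPU"
    expected_nonce = make_nonce(send_time, invite["impu"], impi)
    expected_response = make_response(expected_nonce, invite["impu"], invite["uri"])
    if not hmac.compare_digest(expected_response, invite["response"]):
        return False, "response mismatch"
    # Extension beyond the patent: remember Nonces for the length of the window so that a
    # second copy of the same INVITE arriving inside the window is refused as well.
    if seen_nonces is not None:
        if invite["nonce"] in seen_nonces:
            return False, "nonce already seen"
        seen_nonces.add(invite["nonce"])
    return True, "authenticated"


def run_demo() -> dict:
    """Constructed scenarios; returns the verifier's reason string for each."""
    impu, uri = "sip:alice@ims.example", "sip:bob@ims.example"
    impi = SUBSCRIBERS[impu]
    t0 = datetime(2002, 8, 7, 12, 0, 0, tzinfo=timezone.utc)   # constructed sending time
    good = ue_build_invite(t0, impu, impi, uri)
    seen = set()
    return {
        "fresh": scscf_verify(good, t0 + timedelta(seconds=2), seen)[1],
        "same_invite_again_in_window": scscf_verify(good, t0 + timedelta(seconds=3), seen)[1],
        "arrives_after_window": scscf_verify(good, t0 + timedelta(seconds=6))[1],
        "wrong_impi": scscf_verify(ue_build_invite(t0, impu, "guess", uri), t0 + timedelta(seconds=1))[1],
        "uri_altered": scscf_verify({**good, "uri": "sip:carol@ims.example"}, t0 + timedelta(seconds=1))[1],
        "garbage_nonce": scscf_verify({**good, "nonce": "not base64!"}, t0)[1],
    }
```

The verifier's decision order matters for the reasons it reports: the window check runs before any database lookup, so a stale or malformed request costs the S-CSCF no IMPU query, and the Response comparison is constant-time. The "wrong_impi" and "uri_altered" cases show what the hash actually binds: the private identity, through the Nonce, and the request URI, through the Response; the timestamp carried inside the Nonce is what lets the verifier apply the window the description insists on.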
Claims (6)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 02125985 CN1239009C (en) | 2002-08-07 | 2002-08-07 | Quick abstract identification method for IP multimedia domain user's call |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN 02125985 CN1239009C (en) | 2002-08-07 | 2002-08-07 | Quick abstract identification method for IP multimedia domain user's call |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1474586A CN1474586A (en) | 2004-02-11 |
CN1239009C true CN1239009C (en) | 2006-01-25 |
Family
ID=34143171
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN 02125985 Expired - Fee Related CN1239009C (en) | 2002-08-07 | 2002-08-07 | Quick abstract identification method for IP multimedia domain user's call |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN1239009C (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102355355B (en) * | 2003-06-19 | 2014-07-16 | 日本电信电话株式会社 | Session control server, communication device, communication system and communication method |
JP2006031478A (en) * | 2004-07-16 | 2006-02-02 | Yamaha Corp | Content reproduction terminal and content distribution system |
CN100384120C (en) * | 2004-09-30 | 2008-04-23 | 华为技术有限公司 | Method for carrying out authentication for terminal user identification module in IP multimedia subsystem |
CN100493011C (en) * | 2005-08-16 | 2009-05-27 | 华为技术有限公司 | Method for connecting to IP multimedia subsystem |
CN100461782C (en) * | 2005-09-01 | 2009-02-11 | 华为技术有限公司 | System and method for realizing bridging in IP multi-media subsystem |
RU2490813C2 (en) * | 2008-08-01 | 2013-08-20 | Нокиа Сименс Нетуоркс Ой | Method, apparatus, system and computer program product for supporting p-cscf (proxy call session control function) to indicate to s-cscf (serving call session control function) to skip authentication |
WO2012129985A1 (en) * | 2011-03-29 | 2012-10-04 | 中兴通讯股份有限公司 | Method and system for single sign-on |
CN111770048B (en) * | 2020-05-08 | 2023-04-07 | 厦门亿联网络技术股份有限公司 | Method for preventing SIP equipment from being attacked, calling equipment and called equipment |
Also Published As
Publication number | Publication date |
---|---|
CN1474586A (en) | 2004-02-11 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
C17 | Cessation of patent right | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20060125 Termination date: 20130807 |