TY - JOUR
T1 - Efficient and provably secure IP multimedia subsystem authentication for UMTS
AU - Huang, Chung Ming
AU - Li, Jian Wei
PY - 2007/11
Y1 - 2007/11
N2 - In a Universal Mobile telecommunications system IP multimedia subsystem (IMS), even when an IMS subscriber has passed the packet-switch domain authentication, the IMS subscriber's identity must be confirmed by the IMS authentication again before accessing IMS services. Both the packet-switch domain and the IMS authentications are necessary for the IMS subscriber. This is referred to as a two-pass authentication. However, the packet-switch domain authentication is carried out by the authentication and key agreement (AKA) of the 3rd generation partnership projects (3GPP), called 3GPP AKA; the IMS authentication is carried out by IMS AKA. Since IMS AKA is based on 3GPP AKA, almost all of the operations are the same. It is inefficient because almost all the involved steps in the two-pass authentication are duplicated. Hence, the one-pass authentication was proposed to increase the efficiency of the IMS authentication. Unfortunately, the one-pass authentication has some security problems and loses the mutual AKA capabilities. Therefore, in this paper, an evolutionary IMS AKA (E-IMS AKA) in the IMS authentication is proposed to replace the IMS AKA. E-IMS AKA not only adheres to the security requirements of IMS AKA, but also maintains the efficiency of the one-pass authentication method.
AB - In a Universal Mobile telecommunications system IP multimedia subsystem (IMS), even when an IMS subscriber has passed the packet-switch domain authentication, the IMS subscriber's identity must be confirmed by the IMS authentication again before accessing IMS services. Both the packet-switch domain and the IMS authentications are necessary for the IMS subscriber. This is referred to as a two-pass authentication. However, the packet-switch domain authentication is carried out by the authentication and key agreement (AKA) of the 3rd generation partnership projects (3GPP), called 3GPP AKA; the IMS authentication is carried out by IMS AKA. Since IMS AKA is based on 3GPP AKA, almost all of the operations are the same. It is inefficient because almost all the involved steps in the two-pass authentication are duplicated. Hence, the one-pass authentication was proposed to increase the efficiency of the IMS authentication. Unfortunately, the one-pass authentication has some security problems and loses the mutual AKA capabilities. Therefore, in this paper, an evolutionary IMS AKA (E-IMS AKA) in the IMS authentication is proposed to replace the IMS AKA. E-IMS AKA not only adheres to the security requirements of IMS AKA, but also maintains the efficiency of the one-pass authentication method.
UR - http://www.scopus.com/inward/record.url?scp=35648966580&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=35648966580&partnerID=8YFLogxK
U2 - 10.1093/comjnl/bxm029
DO - 10.1093/comjnl/bxm029
M3 - Article
AN - SCOPUS:35648966580
SN - 0010-4620
VL - 50
SP - 739
EP - 757
JO - Computer Journal
JF - Computer Journal
IS - 6
ER -