Fixed network access into IMS bidirectional authentication and key distribution method

Abstract

The invention discloses a fixed internet access IMS mutual authentification and a key distribution method which solves the problem that a security mechanism standard structure of the fixed internet access IMS does not have a solution. The method comprises the following steps that: a user terminal originates an authentification request to an HSS through a CSCF and provides a user ID; the HSS returns the response of the authentification request to the CSCF and sends both a CK and an IK to a P-CSCF as well as passing a certificate of an XRES to an S-CSCF; the CSCF returns a login response message to a UE; the user terminal authenticates the integrality of the corresponding part of the returned response message through a shared key of Ku sharing with the HSS and realizes the authentification of the IMS on the internet side; after the certification, the use terminal calculates the certificate of an RES and originates the login request to the CSCF again; the CSCF authenticates the certificate of the RES on the user terminal and the certificate of the XRES of the HSS; after the certification, the CSCF sends a message of a successful user authentification to the HSS. The invention realizes the mutual authentification of the IMS network through a basic encryption and integrality protection arithmetic and completes the distribution of the key.

Description

technical field [0001] The invention relates to an authentication method, in particular to a bidirectional authentication and key distribution method in the process of a fixed network accessing an IMS (IP Multimedia Subsystem). Background technique [0002] IMS (IP Multimedia Subsystem) is a subsystem proposed by 3GPP in Release 5 to support IP multimedia services. Its core feature is the use of SIP protocol and its independence from access. Currently, IMS supports 2G and 3G mobile access methods. Fixed access mode cannot be supported. Under the development trend of network convergence, 3GPP, ETSI and ITU-T are all researching the network convergence solution based on IMS. Convergence of fixed and mobile networks. At present, IMS can basically support the access of 2G and 3G, but it cannot support the access of fixed network yet. [0003] Broadband fixed network users (such as xDSL, HFC, etc.) access to the IMS system is an inevitable trend of future development. The sec...

AI Technical Summary

Problems solved by technology

[0004] In addition, in 3GPP, the authentication process of the user terminal accessing IMS is realized through the IMS AKA mechanism, and the terminal needs to support several necessary security algorithms to realize the complete authentication process. The capability of the network terminal cannot fully meet the requirements of the 3GPP IMS AKA mechanism, and it is necessary to reduce the capability requirements of the 3GPP IMS AKA for the terminal, that is, appropriately reduce the security algorithm

Images