Analyzing secure key authentication and key agreement protocol for promising features of IP multimedia subsystem using IP multimedia server-client systems

摘要

Recently, Session Initiation Protocol (SIP) has become a prime signaling protocol for the multimedia communication systems, though none of the researchers have analyzed its promising features, namely access independence, authentication scheme verification, AKA (Authentication and Key Agreement) security properties, 3GPP security properties, signal congestion, bandwidth consumption and computation overhead using the physical multimedia server-client platform. To examine the issues realistically, the existing authentication schemes, such as UMTS AKA, EPS AKA, Cocktail AKA, S AKA, HL AKA and ZZ AKA were designed and developed in the multimedia server-client systems deployed on Linux platform. The cross-examination revealed that the existing schemes failed to satisfy the IMS (IP Multimedia Subsystem) promising features, like mutual authentication, session-key sharing, (perfect) forward secrecy and implicit-key authentication. Thus, this paper proposes a Secure-Key Authentication and Key Agreement protocol (SK AKA) to meet out the standard demands of IMS. To curtail its authentication steps, the secure authentication vector S (AV) computes and dispenses the generated vectors between the multimedia server-client systems in advance, through the serving call session control function S (CSCF) . As a result, the execution steps of UMTS AKA are annulled for the sake of accomplishment of the IMS features. In addition, the protocol of SK AKA integrates the strategies of Context Identity C (ID) and Elliptic Curve - Diffie Hellman (EC-DH) to resist most of the potential attacks like SIP flooding, forgery, man-in-the-middle, password guessing and key impersonation. To analyze the parameters, such as (SIP) Flooding Attack Detection Rate, End-To-End Delay of Multiple Voice Call Session, Call Success Rate, SIP Utilization, RTP Utilization, Call Response Time, Bandwidth Consumption and Signalling Congestion realistically, the proposed and existing authentication schemes have been coded and integrated in the real-time IMS client-server system. Above all, the thoroughgoing research has revealed that the proposed protocol of SK AKA accomplishes all the IMS challenges: 1. Adhere the promising features of IMS; 2. Attack resiliency; and 3. Fulfill the promising parameters of IMS, in comparison with the other existing schemes.