Mn ha authenticator command issue
This presentation is the property of its rightful owner.
Sponsored Links
1 / 9

MN-HA Authenticator Command Issue PowerPoint PPT Presentation


  • 81 Views
  • Uploaded on
  • Presentation posted in: General

MN-HA Authenticator Command Issue. Nobuyuki Uchida QUALCOMM Inc., December 10, 2003. Background.

Download Presentation

MN-HA Authenticator Command Issue

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Mn ha authenticator command issue

MN-HA Authenticator Command Issue

Nobuyuki Uchida

QUALCOMM Inc.,

December 10, 2003


Background

Background

  • A bug exists in RFC 2002 where it fails to include the SPI in the calculation of the MN-HA authenticator. SPI was not included in the MN-HA authenticator in IS-835-A, but it was modified in IS-835-B/C. (no compatibility between IS-835-A and B/C) IS-835 doesn’t consider 2002bis yet.

  • Currently, IS-820-A supports MN-HA authenticator based on RFC 2002. We need to come up with a method to support #3.


Mn ha authenticator in is 820 a

MN-HA Authenticator in IS-820-A

P2 contains chaining information as follows:

P2 = ‘00’ or ‘02’:

Command parameters/data:

P2 = ‘01’ or ‘03’:

Command parameters/data:


Ota flow 3gpd

OTA Flow (3GPD)


Mobile ip capability parameter

Mobile IP Capability Parameter

  • Section 3.5.8.4 of IS-683-C

    • Block ID = 0x03

    • Parameters

      • MAX_NUM_NAI

      • MAX_NAI_LENGTH

      • MAX_MN-AAA_SS_LENGTH

      • MN-AAA_AUTH_ALGORITH

      • MAX_MN-HA_SS_LENGTH

      • MN-HA_AUTH_ALGORITH

      • RESERVED

  • MN-HA_AUTH_ALGORITH

    • Authentication Algorithm (MN-HA) Supported by the R-UIM

    • MD5 is only supported in IS-683-C


Mobile ip user profile parameter

Mobile IP User Profile Parameter

  • Section 3.5.8.6 of IS-683-C

    • Block ID = 0x05

    • Parameters

      • RETRY_INFO_INCLUDED

      • MAX_NUM_ENTRY

      • FIRST_ENTRY_TIMEOUT

      • REREG_THRESHOLD

      • NUM_NAI

      • NAI_ENTRY_INDEX

      • NAI_LENGTH

      • NAI

      • T_BIT

      • HOME_ADRESS

      • PRRIMAY_HOME_AGENT

      • SECONDARY_HOME_AGENT

      • MN-AAA_ALGORITHM

      • MN-AAA_SPI_Indicator

      • MN-AAA_SPI

      • MN-HA_ALGORITHM

      • MN-HA_SPI_Indicator

      • MN-HA_SPI

      • RESERVED

  • MN-HA_AUTH_ALGORITH

    • Authentication Algorithm (MN-HA) used by the R-UIM

    • MD5 is only supported in IS-683-C


Current proposal

Current Proposal

  • Assign a new value for MN-HA_AUTH_ALGORITHM in IS-683

    • Mobile IP Capability Parameter (EF6F4B)

    • Mobile IP User Profile Parameter (EF6F4D)


Requirements

Requirements

  • If the Service n38 (3GPD-MIP) in EF6F32 (CDMA Service Table) is allocated and activated, and B2 of Byte 1 in EF6F48 (ME 3GPD Operation Capability) is set to 1, the R-UIM shall set both MD5 with SPI and MD5 without SPI to 1 in the Mobile IP Capability Parameters.

  • All MEs supporting RFC 2002 shall also support the capability to include SPI into the protected field based on the setting of MN-HA_AUTH_ALGORITH in the Mobile IP User Profile Parameters.


Operation

Operation

  • MN-AAA_AUTH_ALGORITHM in EF6F4D = 0001 (MD5 without SPI)

    The protected fields (Registration-Data) in the MN-HA Authenticator command are:

    • the UDP payload

    • all prior Extensions in their entirety, and

    • the Type and Length of this Extension

  • MN-AAA_AUTH_ALGORITHM in EF6F4D = 0010 (MD5 with SPI)

    The protected fields (Registration-Data) in the MN-HA Authenticator command are:

    • the UDP payload

    • all prior Extensions in their entirety, and

    • the Type, Length and SPI of this Extension


  • Login