mn ha authenticator command issue
Download
Skip this Video
Download Presentation
MN-HA Authenticator Command Issue

Loading in 2 Seconds...

play fullscreen
1 / 9

MN-HA Authenticator Command Issue - PowerPoint PPT Presentation


  • 102 Views
  • Uploaded on

MN-HA Authenticator Command Issue. Nobuyuki Uchida QUALCOMM Inc., December 10, 2003. Background.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' MN-HA Authenticator Command Issue' - hasad-dean


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
mn ha authenticator command issue

MN-HA Authenticator Command Issue

Nobuyuki Uchida

QUALCOMM Inc.,

December 10, 2003

background
Background
  • A bug exists in RFC 2002 where it fails to include the SPI in the calculation of the MN-HA authenticator. SPI was not included in the MN-HA authenticator in IS-835-A, but it was modified in IS-835-B/C. (no compatibility between IS-835-A and B/C) IS-835 doesn’t consider 2002bis yet.
  • Currently, IS-820-A supports MN-HA authenticator based on RFC 2002. We need to come up with a method to support #3.
mn ha authenticator in is 820 a
MN-HA Authenticator in IS-820-A

P2 contains chaining information as follows:

P2 = ‘00’ or ‘02’:

Command parameters/data:

P2 = ‘01’ or ‘03’:

Command parameters/data:

mobile ip capability parameter
Mobile IP Capability Parameter
  • Section 3.5.8.4 of IS-683-C
    • Block ID = 0x03
    • Parameters
      • MAX_NUM_NAI
      • MAX_NAI_LENGTH
      • MAX_MN-AAA_SS_LENGTH
      • MN-AAA_AUTH_ALGORITH
      • MAX_MN-HA_SS_LENGTH
      • MN-HA_AUTH_ALGORITH
      • RESERVED
  • MN-HA_AUTH_ALGORITH
    • Authentication Algorithm (MN-HA) Supported by the R-UIM
    • MD5 is only supported in IS-683-C
mobile ip user profile parameter
Mobile IP User Profile Parameter
  • Section 3.5.8.6 of IS-683-C
    • Block ID = 0x05
    • Parameters
      • RETRY_INFO_INCLUDED
      • MAX_NUM_ENTRY
      • FIRST_ENTRY_TIMEOUT
      • REREG_THRESHOLD
      • NUM_NAI
      • NAI_ENTRY_INDEX
      • NAI_LENGTH
      • NAI
      • T_BIT
      • HOME_ADRESS
      • PRRIMAY_HOME_AGENT
      • SECONDARY_HOME_AGENT
      • MN-AAA_ALGORITHM
      • MN-AAA_SPI_Indicator
      • MN-AAA_SPI
      • MN-HA_ALGORITHM
      • MN-HA_SPI_Indicator
      • MN-HA_SPI
      • RESERVED
  • MN-HA_AUTH_ALGORITH
    • Authentication Algorithm (MN-HA) used by the R-UIM
    • MD5 is only supported in IS-683-C
current proposal
Current Proposal
  • Assign a new value for MN-HA_AUTH_ALGORITHM in IS-683
    • Mobile IP Capability Parameter (EF6F4B)
    • Mobile IP User Profile Parameter (EF6F4D)
requirements
Requirements
  • If the Service n38 (3GPD-MIP) in EF6F32 (CDMA Service Table) is allocated and activated, and B2 of Byte 1 in EF6F48 (ME 3GPD Operation Capability) is set to 1, the R-UIM shall set both MD5 with SPI and MD5 without SPI to 1 in the Mobile IP Capability Parameters.
  • All MEs supporting RFC 2002 shall also support the capability to include SPI into the protected field based on the setting of MN-HA_AUTH_ALGORITH in the Mobile IP User Profile Parameters.
operation
Operation
  • MN-AAA_AUTH_ALGORITHM in EF6F4D = 0001 (MD5 without SPI)

The protected fields (Registration-Data) in the MN-HA Authenticator command are:

    • the UDP payload
    • all prior Extensions in their entirety, and
    • the Type and Length of this Extension
  • MN-AAA_AUTH_ALGORITHM in EF6F4D = 0010 (MD5 with SPI)

The protected fields (Registration-Data) in the MN-HA Authenticator command are:

    • the UDP payload
    • all prior Extensions in their entirety, and
    • the Type, Length and SPI of this Extension
ad