An Integrated Call Agent of the Converged VoIP Network
2.4 System Implementation and Result
To reduce the effort in developing a VoIP gateway, we use existing, well-developed protocol stacks and endpoints. In our implementation, we use the MGCP and SIP protocol stacks developed by CCL/ITRI, Taiwan and the open-source H.323 protocol stack developed by OpenH323. In addition, our experiment platform includes two residential gateways (RGWs), also developed by ITRI, built on D/41E and D/41ESC cards from Dialogic Corp. The RGWs support MGCP and can connect up to 16 telephones. The ICA platform also supports Microsoft NetMeeting (using H.323) and SIP user agents. The H.323 BCSMs are modified from the source code of OpenH323's OpenGate, which supports registration, admission and status (RAS) messages and gatekeeper-routed call signaling. We have also developed a SIP proxy/registrar based on the ITRI SIP protocol stack. Figure 12 summarizes the components used in our platform.
In our experiments, a call can be successfully set up between any two VoIP phones. Microsoft NetMeeting currently supports only the H.323 slow-start version; we use the open-source OpenPhone (with both slow-start and fast-start capabilities) to test the slow-start cases. In addition, the Vocal SIP proxy, developed by Vovida, was used to test calls between SIP UAs. Since an ICA acts as both a SIP proxy and an H.323 gatekeeper, an ICA can initiate a call to phones that are under the control of a SIP proxy or an H.323 gatekeeper without further modification.
Figure 13 compares the delays in establishing a call between various types of phones through the OpenGate H.323 gateway, our ICA, and the Vocal SIP proxy. No results for inter-protocol calls through OpenGate and Vocal are listed, because they do not convert messages between different protocols. Figure 13.a shows the call establishment delays for calls initiated from various types of phones to NetMeeting, which is equipped only with slow-start mode, and Figure 13.b shows those for calls to OpenPhone in H.323 fast-start mode. Although our ICA performs signaling conversion between different VoIP protocols, the results indicate that the ICA sets up calls faster than OpenGate in all cases except for calls between two NetMeeting users.
Figure 12. Components used in our platform.
Figure 13. Call establishment delays. (a) Calls to NetMeeting (slow-start); (b) calls to OpenPhone (fast-start).
2.5 Conclusions
We have presented a simple, flexible framework for the interworking functions of VoIP protocols based on the IN half-call BCSM. In addition, we have implemented the basic gateway components, O_BCSMs and T_BCSMs, for SIP, H.323, and MGCP. Using these components, gateways for SIP/H.323, SIP/MGCP, and MGCP/H.323 can be constructed. This approach reduces the effort of interworking with a call signaling protocol, such as ISUP or Q.931, in the network. By using the same interaction events of the half-call model, the BCSMs of a call signaling protocol can interwork with the existing BCSMs. In addition, an ICA containing all the BCSMs is able to translate messages between call signaling protocols. Under this half-call control framework, a converged VoIP network can be managed by a group of coordinating ICAs such that two user devices managed by different ICAs can communicate. The call routing function that determines the location and protocol of the called party has not been fully investigated in this paper. As a mobile user may change his IP address and VoIP devices constantly, this problem becomes even more complicated. We need registration and/or paging schemes to track mobile users in the converged telecommunication network.
Recently, P2P (peer-to-peer) VoIP communications, such as Skype, have become very popular. The interworking function for a P2P VoIP system and a client-server one (such as SIP) is an important issue that needs to be investigated.
Chapter 3
One-Pass GPRS and IMS Authentication Procedure for UMTS
Universal Mobile Telecommunications System (UMTS) supports Internet protocol (IP) multimedia services through IP multimedia core network subsystem (IMS).
Since the IMS information is delivered through the general packet radio service (GPRS) transport network, a UMTS mobile station (MS) must activate a GPRS packet data protocol (PDP) context before it can register with the IMS network. In the Third-Generation Partnership Project (3GPP) specifications, authentication is performed at both the GPRS and the IMS networks before an MS can access the IMS services. We observe that many steps in this 3GPP “two-pass” authentication procedure are identical. Based on this observation, this chapter proposes a one-pass authentication procedure that only needs to perform GPRS authentication. At the IMS level, authentication is performed implicitly during IMS registration. Our approach may save up to 50% of the IMS registration/authentication traffic, as compared with the 3GPP two-pass procedure. We formally prove that the one-pass procedure correctly authenticates the IMS users.
3.1 INTRODUCTION
Universal Mobile Telecommunications System (UMTS) proposed by the Third-Generation Partnership Project (3GPP) is a third-generation (3G) mobile telecommunications technology evolved from general packet radio service (GPRS) [20]. Fig. 3.1 illustrates the UMTS packet switched (PS) core network (CN), where the packet data services of a mobile station (MS) are provided by the serving GPRS support node (SGSN) via the UMTS terrestrial radio access network (UTRAN). The SGSN connects to the external data network through the gateway GPRS support node (GGSN). Furthermore, the SGSN communicates with the home subscriber server (HSS) and the authentication center (AuC) to retrieve subscriber data and authentication information of an MS. The AuC, which may be collocated with the HSS, is responsible for security management of subscribers. UMTS supports voice and multimedia services through the PS CN based on the Internet Protocol (IP) technology. Specifically, the 3GPP defines the IP multimedia core network subsystem (IMS) to support multimedia services such as voice telephony, video, real-time interactive games, messaging, and multimedia conferencing [21]. In IMS, multimedia services are provided by the call session control function (CSCF) utilizing the session initiation protocol (SIP) [6], [22]. Three types of CSCFs are defined in IMS: a proxy-CSCF (P-CSCF) located in the visited network of an MS is responsible for redirecting the SIP messages of an MS to the home network (where the HSS/AuC resides). A serving-CSCF (S-CSCF) is located in the home network of the MS to provide session control of multimedia services. The S-CSCF interacts with the application servers to obtain value added services. Furthermore, the S-CSCF communicates with the HSS and the AuC to receive IMS-related subscriber data and authentication information of the MS. An interrogating-CSCF (I-CSCF) is a firewall for the SIP messages toward the home network, and is responsible for selecting an S-CSCF for the MS.
Fig. 3.1. UMTS architecture for packet switched service domain.
In UMTS, when an MS sends an “Initial L3 message” (e.g., location update request, connection management service request, routing area update request, attach request, paging response, etc.) to the SGSN, the SGSN may be triggered to authenticate the user. The authenticating parties are HSS/AuC in the home network and the universal subscriber identity module (USIM) in the MS. GPRS authentication consists of two major procedures [19], [23].
• Distribution of authentication information from the AuC to the SGSN: The SGSN sends an authentication data request to the HSS/AuC with the parameter international mobile subscriber identity (IMSI) of the MS, and receives a response with an array of authentication vectors (AVs) from the AuC. An authentication vector consists of a random number RAND, an expected response XRES, a cipher key CK, an integrity key IK, and an authentication token AUTN. Each AV is good for one authentication and key agreement between the SGSN and the MS.
• Authentication and key agreement between the SGSN and the MS: This procedure performs authentication between an MS and the network by showing knowledge of a preshared secret key K that is only available in the USIM of the MS and the AuC. The SGSN invokes the authentication procedure with an authentication vector. This procedure supports mutual authentication between the MS and the network. Specifically, the AUTN is used by the MS to authenticate the network, and the RES/XRES pair is used by the SGSN to authenticate the MS (where the RES is generated by the MS). Details of the procedure will be given in Section II-A. The MS also computes two keys CK and IK using the received RAND and the preshared secret key K stored in the USIM. On the network side, the SGSN passes CK and IK to the UTRAN.
During data transmission, CK and IK are used for ciphering and integrity protection between the MS and the UTRAN. Data ciphering and integrity are out of the scope of this chapter, and will not be discussed further.
In addition to GPRS authentication, it is necessary to authenticate the MS before it can access IMS services. Without IMS authentication, a mobile user who passes the GPRS authentication can easily impersonate another IMS user. Details of this impersonation will be elaborated in Section II-C. IMS authentication is performed between the IMS subscriber identity module (ISIM) in the MS and the AuC in the home network [24]. This procedure is basically the same as the GPRS authentication.
In this procedure, the CSCF first sends a multimedia authentication request to the HSS/AuC with the IP multimedia private identity (IMPI) of the MS, and receives a response with an array of AVs. (This step is skipped if the CSCF already has the AV array.) The CSCF then invokes the IMS authentication and key agreement procedure with an authentication vector. The MS authenticates the network through the received AUTN and the CSCF authenticates the MS using the RES/XRES pair. Detailed message flow of this procedure will be given in Section II-B.
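The GPRS pass (AuC hands AVs to the SGSN, the USIM checks AUTN and returns RES) and the IMS pass (the same exchange between the CSCF and the ISIM) can be simulated end to end. The following is an added example written for this chapter, not code from the thesis or from 3GPP: the functions f1 to f5 are HMAC-SHA256 stand-ins chosen for illustration (real networks use MILENAGE or TUAK), the key, identity and batch size are constructed, and `two_pass` runs the 3GPP behaviour described above so that the duplicated work is visible as two AVs consumed for one MS.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Stand-ins for the 3GPP functions f1..f5 (constructed assumption: HMAC-SHA256
# with a per-function tag; MILENAGE/TUAK are not implemented here).
def _kdf(tag, k, *parts, n):
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()[:n]

def f1(k, rand, sqn, amf): return _kdf(b"f1", k, rand, sqn, amf, n=8)  # MAC-A
def f2(k, rand): return _kdf(b"f2", k, rand, n=8)                       # RES / XRES
def f3(k, rand): return _kdf(b"f3", k, rand, n=16)                      # CK
def f4(k, rand): return _kdf(b"f4", k, rand, n=16)                      # IK
def f5(k, rand): return _kdf(b"f5", k, rand, n=6)                       # AK

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

@dataclass
class AuthVector:           # one AV as listed in the chapter
    rand: bytes
    xres: bytes
    ck: bytes
    ik: bytes
    autn: bytes             # AUTN = (SQN xor AK) || AMF || MAC-A

class AuC:
    """HSS/AuC: holds the preshared K per subscriber and the next SQN to issue."""
    def __init__(self, subscribers):
        self.keys = dict(subscribers)
        self.next_sqn = {ident: 1 for ident in subscribers}

    def authentication_data_response(self, ident, count, amf=b"\x80\x00"):
        k, avs = self.keys[ident], []
        for _ in range(count):
            rand = os.urandom(16)
            sqn = self.next_sqn[ident].to_bytes(6, "big")
            self.next_sqn[ident] += 1
            autn = _xor(sqn, f5(k, rand)) + amf + f1(k, rand, sqn, amf)
            avs.append(AuthVector(rand, f2(k, rand), f3(k, rand), f4(k, rand), autn))
        return avs

class USIM:
    """MS side (USIM or ISIM): checks AUTN to authenticate the network, then
    derives RES, CK and IK from RAND and K."""
    def __init__(self, k):
        self.k, self.highest_sqn, self.ck, self.ik = k, 0, None, None

    def challenge(self, rand, autn):
        conc, amf, mac = autn[:6], autn[6:8], autn[8:]
        sqn = _xor(conc, f5(self.k, rand))
        if not hmac.compare_digest(mac, f1(self.k, rand, sqn, amf)):
            raise ValueError("MAC failure: network not authenticated")
        if int.from_bytes(sqn, "big") <= self.highest_sqn:
            raise ValueError("synchronisation failure: SQN not fresh (replay)")
        self.highest_sqn = int.from_bytes(sqn, "big")
        self.ck, self.ik = f3(self.k, rand), f4(self.k, rand)
        return f2(self.k, rand)

class ServingNode:
    """SGSN (GPRS pass) or CSCF (IMS pass): fetches a batch of AVs from the AuC
    on first use, then spends one AV per authentication and compares RES to XRES."""
    def __init__(self, name, auc, batch=2):
        self.name, self.auc, self.batch = name, auc, batch
        self.avs, self.session_keys = {}, {}

    def authenticate(self, ident, usim):
        if not self.avs.get(ident):
            self.avs[ident] = self.auc.authentication_data_response(ident, self.batch)
        av = self.avs[ident].pop(0)
        try:
            res = usim.challenge(av.rand, av.autn)
        except ValueError:
            return False
        if not hmac.compare_digest(res, av.xres):
            return False
        self.session_keys[ident] = (av.ck, av.ik)   # handed to UTRAN in the GPRS case
        return True

def two_pass(auc, usim, ident):
    """3GPP two-pass behaviour: GPRS pass at the SGSN, then an independent IMS
    pass at the CSCF, each consuming its own AV for the same MS."""
    sgsn, cscf = ServingNode("SGSN", auc), ServingNode("S-CSCF", auc)
    return sgsn.authenticate(ident, usim), cscf.authenticate(ident, usim)

def replay_rejected(auc, usim, ident):
    """Defensive check: a (RAND, AUTN) pair already accepted by the USIM is
    rejected the second time because its SQN is no longer fresh."""
    av = auc.authentication_data_response(ident, 1)[0]
    usim.challenge(av.rand, av.autn)
    try:
        usim.challenge(av.rand, av.autn)
    except ValueError:
        return True
    return False

if __name__ == "__main__":
    k = bytes(range(16))                       # constructed preshared key
    auc = AuC({"IMSI-EXAMPLE": k})
    print(two_pass(auc, USIM(k), "IMSI-EXAMPLE"))
```

Running `two_pass` with a USIM holding the right K succeeds at both nodes and costs two AVs; a USIM with a different K fails the MAC check before any RES is produced, and `replay_rejected` shows why the SQN inside AUTN matters. The IMS pass differs from the GPRS pass only in which node holds the AV and which identity (IMSI versus IMPI) is sent to the AuC, which is the duplication the chapter's one-pass procedure removes.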
Although both GPRS and IMS authentications are necessary, most steps in these two “authentication passes” are duplicated. In other words, the two-pass authentication proposed in 3GPP 33.203 [24] is not efficient. In this chapter, we propose a one-pass authentication procedure that effectively combines the GPRS and the IMS authentications. We prove that this simplified one-pass authentication procedure correctly authenticates the IMS users.