IMS AKA support in the MBC SIP Adapter
AKA secured session establishment
The IMS-SIP Traffic Adapter supports all Registration services for AKA secured sessions:
-
Initial Registration to set up a new AKA session.
-
Re-Registration to extend an ongoing AKA session that is about to expire.
-
De-Registration to terminate an ongoing AKA session.
Read more about how AKA Secured Sessions are established and maintained with SIP Registration Message Flows.
AKA session monitoring
The IMS-SIP Traffic Adapter supports all Notification services for AKA secured sessions:
-
Subscription to Registration state events
-
Notification of Registration state events
Read more about how AKA Secured Sessions are monitored for registration events with SIP Subscribe and Notify message flows.
Functions for Authentication and Key generation
MBC implements MILENAGE, the example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5, and f5*.
AKA Configuration support
The IMS-SIP adapter can be configured to meet all requirements for IMS AKA sessions.
Algorithms
The IMS-SIP Traffic Adapter is configured for one of two hash algorithms:
-
hmac-sha-1-96.
-
hmac-md5-96.
The IMS-SIP Traffic Adapter is configured for one of three encryption algorithm alternatives:
-
aes-cbc.
-
des-ede3-cbc.
-
null (encryption algorithm off).
Encryption of SQN
Encryption of Sequence Number (SQN) for authentication in AKA with the AK key is configurable.
SPI number range
The highest and the lowest SPI values used by the SIP-AKA Traffic Adapter are configurable.
OP constant configuration
The OP constant or “operator variant algorithm configuration field” can be configured as a 32-digit hexadecimal value.
Long term secret (K) configuration
Each user’s long term secret (K) is defined as a 32-digit hexadecimal value. The long term secret (K) value is stored in each subscriber’s entry in the User Identity file.
AKA Transport protocols
The IMS-SIP Traffic Adapter supports the transport protocols UDP, TCP and SCTP.
