3. authentication and equipment identification 3.1...

33

3. AUTHENTICATION AND EQUIPMENT IDENTIFICATION

3.1 INTRODUCTION

Authentication is a process of exchanging information between a

communication device and the mobile network which allows the network

operator to confirm the identity of the mobile user. During inter MSC

handover the new MSC/VLR do not have any information

regarding the MN [60][61]. So MN has to be authenticated [62]. During the

validation of the user, a service provider can deny service if their identity is

not proved [63]. Authentication is necessary in order to prevent unauthorized

users requesting for the service. This process includes some challenging

procedures. Authentication is essential for effective security, since access

control is normally based on the identity of the user who requests for a

resource [63]. If heterogeneous handover occurs then Equipment

identification is also needed to verify the IMEI number of the device [64].

In the present system, MNs authentication and IMEI verification

occur in s home network. During inter MSC handover, the MN enters into

foreign network so authentication and identity checking consumes more time,

which leads to network traffic and interruptions in communication. To avoid

these drawbacks, in the proposed system an agent called Mobile Information

Centre (MIC) is introduced which is located in MSC itself [Annexure I]. Until

now MSC takes care of inter MSC handover, intra MSC handover and all the

BSCs under its control. In order to avoid additional burden to MSC, the

separate agent MIC is developed which is exclusively designed to handle

inter MSC handover. MIC is an additional module of storage in MSC along

with necessary software modules for processing. MIC is designed in such a

way that the MN is directly authenticated and its identity being checked within

the two MSCs which are involved in inter MSC handover [65][66]. A dual

authentication procedure is used for the verification of a MN. This method

reduces authentication delay, network traffic, packet dropage and process

time during inter MSC handover.

34

3.2 PROPOSED MODIFIED AUTHENTICATION MECHANISM

Since handover occurs within two MSCs, mutual authentication

among two MSC/MICs is sufficient without disturbing the home

network for information on the MN. For mutual authentication both MSC/MIC

(existing MSC/MIC and new MSC/MIC) shares p,q,g values, where p is a 512

bit prime number, q is a 160 bit prime factor of p-1, and g is

where h is primitive root of p. The p,q and g parameters are same as the

parameters used in Digital Signature Algorithm [67]. The diagrammatic

representation is given in Figure 3.1.

Figure 3.1: MIC with p,q and g values

To reduce the authentication and equipment identity delay MIC

Authentication Algorithm (MICAuA) is proposed which reduces the handover

delay and provide mutual authentication among existing MSC/MIC, new

MSC/MIC and MN which is shown in Figure 3.2. To implement this algorithm

IMEI number is stored in existing MSC/VLR during registration itself which is

represented in Figure 3.3.

35

Figure 3.2: Mutual authentication among MSCs and MN

Figure 3.3: MSC/VLR store IMEI value during registration process

3.2.1 Mobile Information Centre Authentication Algorithm (MICAuA)

The sequences of transactions that take place for authentication

are given in the following steps.

Step 1: During TCH activation of new BS, existing MSC sends handover

request (LAI, IMSI) along with TMSIold (TMSI number used by

existing MSC) RAND (Random Number), Kc (Ciphering Key) and

MSISDN (Mobile Station International Subscriber Directory

Number) to new MSC/VLR.

36

Step 2: Existing MSC sends handover indication response,

TCH information along with p,q and g values to MN. After

completing step 2, existing MSC, new MSC and MN gets all the

parameter values. Thereafter they can compute the following

parameters needed for authentication.

Step 3: MN computes

(3.1)

(3.2)

Existing MIC computes

New MIC computes

(3.3)

MN sends r and ex values to new MIC along with connection

request message.

New MIC sends r value to new MIC along with authentication reply.

Step 4: New MIC checks

If (r of MN = r of existing MIC) and (ex of MN =ey of new MIC) then

MN is authenticated

else

MN is an intruder.

37

The equations of r,ex and ey are derived from the Digital Signature

Algorithm (DSA) [67]. The results generated for the verification of

authentication and identity checking are done in Python software (Annexure

II) which are done in parallel.

3.2.2 Importance of MICAuA algorithm

The significance of MICAuA algorithm is identity privacy, Dual

Authentication and reduction of packet dropage, which is discussed in detail

in the subsequent sections.

3.2.2.1 Mobile node identity privacy

In existing algorithm, MN transmits IMSI number along with

authentication request. Similarly IMEI number is transmitted with equipment

identity request. IMSI and IMEI numbers are the unique identity key for every

MN. In MICAuA, the IMSI and IMEI are not transmitted for the authentication

and identity checking; so the probability of getting a unique key by intruder

will be almost nil. IMEI number is applied in r calculation alone which is

transmitted by MN. This reduces a separate equipment identity checking

process and provides security of IMEI number and also reduces time

compared to existing handover mechanism. In authentication even though

we are not using unique primary key, from the set of secondary keys (RAND,

TMSI, Kc and MSISDN), it provides authentication of MN. During MN

registration, RAND is given to MN by MSC but Kc and MSISDN are not

transmitted. TMSI number is only traceable to intruder. During the handover if

intruder gets handover request while sending from existing MSC to new

MSC, he succeed in the attack since IMEI number which is applied in r

value is not transmitted. Hence this method provides stronger user identify

privacy than other existing algorithms.

3.2.2.2 Dual Authentication

In existing algorithm MN is authenticated by HLR alone and hence

this is a single authentication method. In MICAuA, MN generates r and ex

38

values. Existing MIC generates r value and new MIC generates ey value. If r

value of MN is equal to r value of existing MIC then first authentication is

completed. This is also the identity checking process. Second authentication

is completed if ex value of MN is equal to ey value of new MIC. If both

authentications are satisfied then MN is an authenticated user else MN is not

an authorized user.

3.2.2.3 Reduction of packet dropage

Since same Kc is used for both MSC encryption and decryption

process so that, once authentication is completed then MN has to send data

with TMSIold to new MSC. New MSC forwards this data to Corresponding

Node (CN) through existing MSC. Similarly existing MSC forwards the data to

MN through new MSC. This data transmission continues to take place until

TMSInew allocation and path establishment from new MSC to CN is

completed. Where as in the original procedure, once the request for

handover is issued and authentication process starts, the transmission of

package is stopped or lost. This reduces the packet dropage and

retransmission of data. The duration of non transmission of data packet are

much less. Thereafter data will be communicated to CN through new MSC

with TMSInew.

3.3 MICAuA APPLICATION IN VARIOUS INTER MSC HANDOVER

In this section the application of MICAuA in various inter MSC

handover processes and the delay in handover is compared with existing

method and the improvements are evident.

3.3.1 MICAuA in GSM heterogeneous Inter MSC handover

In GSM heterogeneous Inter MSC handover, since MSCs are under

different service providers, MN has to authenticate and IMEI checking should

be done for proper authentication. Also TCH, MSRN (Mobile Station

Roaming Number), TMSI should be allocated newly.

39

We have learnt fro 68] authentication

protocol, key (Ki) and Random number (RAND) are used at HLR to generate

a temporary key with A3 algorithm. Further, that key is shared with MN and

visiting VLR. Ki is the secret key with MN and HLR, and the random number

is generated by HLR using random number generation algorithm. A

certificate CERT_VLRZ is created for A3 (Timestamp of MN, Ki) at HLR. This

certificate is used to verify the visiting VLR of MN.

Chin-Chen Chang [63], in his paper has used TMSI and LAI to

recognize IMSI between MN and VLR during authentication request. Further

VLR forwards IMSI along with time stamp to HLR for calculating SRES.

Though the IMSI transmission between MN and VLR is avoided, IMSI has to

be forwarded to HLR for SRES calculation. For mutual authentication Chun-I

Fan [69] has proposed time based protocols between MN, VLR and HLR. He

also suggested clock synchronization among the systems. Further stable

transmission is a prerequisite in his proposed system. This may lead to

hardware speculations. In his jth authentication protocol between user and

system, the final verification of authentication is done at the MN. For mutual

authentication during roaming services Yixin Jiang [70] suggested self-

certified scheme. This requires the transmission of the shared key through

the secured channel. Also he has used the temporary identity for

authentication between VLR, HLR and MN. He has used this temporary

identity for the purpose of combining certificate based and identity based key

systems.

71] work we have observed a trust model is

framed to bypass the VLR and HLR for the purpose of mutual authentication

between MN and AuC. He has also used offline authentication between HLR

and MN within the same network. In this work, we have used the similar

concept for the purpose of inter MSC authentication. Ming-Chin Chuang [72]

implemented authentication mechanism as a seamless handover process in

Proxy Mobile IP version 6. In his architecture, a set of MSCs are connected

40

with local mobility anchor and Authentication-Authorization-Accounting (AAA)

server. He adopted 3 procedures. They are initial registration, authentication,

and password change procedure. There are 12 steps to complete these

authentication procedures. Yuh-Ren Tsai [73] proposed subscriber identity

module based authentication mechanism. He has used WLAN concept for

authentication purpose which involves Dynamic Host Configuration Protocol

(DHCP), Authentication server and gateway. This authentication mechanism

has temporary IP address acquisition phase and subscriber identity

verification Phase. In a temporary IP address Acquisition Phase MN finds

out DHCP server and also gets a temporary IP address of authentication

servers. In subscriber identity verification phase MN sends a registration

HLR then forwards the message to the HLR. HLR generates triplet and

returns to the authentication server. Further he has utilized A3 and A8

algorithms. Qiang Tang [74] in his Cryptanalysis of hybrid authentication

protocol for large mobile network, suggested not burdening the MN for

extensive computations for the purpose of authentication. As the hybrid

authentication protocol has to authenticate every message through Kerberos

V4 (version 4) and V5 (version 5). Initial authentication has to be re-hashed

by the MN. Guangsong Li [75] in his concept of proactive key distribution -

ticket-based re-authentication scheme for fast Handover method, used the

authentication server to provide the handover ticket to MN. Each ticket

corresponds to the neighboring access point of MN. The ticket contains

encrypted pairwise master key neighbor access point, generated by the

authentication server. With this ticket the MN can re-authenticate with

neighbor AP.

3.3.1.1 Existing procedure

MN measures the received signal level (RXLEV) and received

signal quality (RXQUAL) of current communication and received signal

strength of neighbouring cells in every 480ms. MN has to send these

41

information to existing BSC through Slow Associated Control Channel

(SACCH)[76][77]. Existing BSC verifies whether the neighbouring cells are

under its subordinate or not. Since in inter MSC handover, all the

the existing BSC forwards this

message to existing MSC. Existing MSC identifies the new BS based on the

signal strength, and also it sends handover request (LAI, IMSI) to new MSC.

The new MSC/VLR stores the IMSI and LAI values to its database. New

MSC sends new TCH request to new BSC. New BSC allocate a TCH to MN

and then sends TCH activation message to new BS [78]. New BS activates

the TCH and then sends TCH response to new MSC through new BSC. The

TCH activation procedure is shown in Figure 3.4. New MSC forwards the

TCH response to existing MSC. Existing MSC sends the handover indication

response along with TCH information to MN through existing BSC and the

same is given schematically in Figure 3.5. MN sends handover indication

response acknowledgement to existing BSC. There after no communication

occurs between MN to existing BS. Instead of TCH allocation to new BSC

through new BS, this pre-allocation preforms through existing BS before MN

being connected to new BS. Due to this pre-allocation of TCH in advance,

the handover time is reduced.

Figure 3.4: TCH activation

42

Figure 3.5: Handover indication response

To transmit data through new TCH, new BS has to establish the

control channel SDCCH with MN [79]. After receiving the SDCCH request

from the MN, new BSC has to assign a SDCCH to MN. SDCCH is a

dedicated point-to-point signaling channel which is not tied to the existence of

i.e. it is used for signaling between a MN and the BSC

when there is no active connection. The SDCCH involves in authentication

process, MN location update process and TCH assignment process.

For RAND, SRES,

Kc, TMSI, LAI and entire database values of are invalid.

Hence MN has to prove its authentication and identity checking once again.

For authentication MN sends connection request along with IMSI to new

MSC through SDCCH. The SDCCH assignment is shown in Figure 3.6. New

MSC identifies the home MSC of MN from the IMSI value then forwards this

connection request to its home MSC. Home MSC generates a RAND using

random number generation algorithm. RAND

are taken as inputs and perform COMP-128 algorithm [32][63]. This algorithm

produced SRES and Kc as the outputs which is shown in Figure 3.7. Home

MSC sends triplet (SRES, Kc, RAND) to new MSC. New MSC/VLR stores

this triplet and sends RAND to MN. MN executes SRES and Kc using

COMP- . MN sends SRES

43

to new MSC as authentication reply. New MSC verifies the SRES generated

by both MN and home MSC. If both are equal then MN is authenticated node.

After the authentication process, MN sends IMEI number to home MSC, so

that home MSC/EIR can verify the IMEI number. IMEI checking is to avoid

malicious user from using block list of stolen devices. After IMEI checking is

completed, new MSC/VLR assigns a MSRN number and this number is

shared by home MSC and new MSC. Similarly TMSI number is assigned by

new MSC/VLR which is shared by new MSC and MN as shown in Figure 3.8.

TMSI is used for data transmission. New MSC sends a TCH release

message to existing MSC [80][81]. Existing MSC releases the old TCH and

then it sends acknowledge message to new MSC so that that particular TCH

can be used to other new mobile devices. New MSC sends connection

complete message to MN. Then MN sends information for outgoing

communication message to new MSC. New MSC sends initial address

message (path establishment) to CN. CN sends address complete message

to MN through new MSC. After these processes, both MN and CN

communicate with each other.

Figure 3.6: SDCCH assignment

44

Figure 3.7: Authentication process

Figure 3.8: TMSI assignment process

3.3.1.2 The attack on the existing method

Using man-in-the-middle technique, an attacker can pretend to be

an original user of the network [82][83]. In this case, the network sends the

RAND number along with the authentication request to the user. The attacker

captures the authentication request message. Then attacker forwards the

same message to original user as a service provider. Then the original user

computes COMP-128 algorithm to calculate SRES value and sends it to

attacker. Attacker receives the SRES values and further forwards it to

45

network. Network gives authentication completion message. The Figure 3.9

shows the above said process in detail.

Figure 3.9: Man-in-the-middle attack

To find the key, the attacker may use several ways. If the attacker

sends any query to the user (example phone number), then user replies to

attacker. From that, the attacker can use brute-force attack then it can

identify the key Kc [84]. Also in these algorithms bit size is 128. Present

[85]. These drawbacks are

overcome using the proposed method.

3.3.1.3 Proposed work

In the proposed work, while sending TCH request from existing

MSC to new MSC, existing MSC adds additional parameters TMSI, RAND,

Kc and MSISDN. Handover request procedure and parameter exchange are

shown in Figure 3.10. Since existing and new MSC/MICs share p, q and g

values, the new MSC/MIC has sufficient parameter values to compute ey

value as per equation 3.3 in the mutual authentication algorithm. Since

existing MSC/VLR stores the IMEI number during the registration process,

existing MSC/MIC can calculate r value as given in equation 3.1. In case the

intruder captures this handover request information, IMEI number is not

available. So he cannot succeed. To compute ex based on equation 3.2 and

r values, MN needs the p, q and g values. For that existing MSC sends this p,

q and g values to MN through handover indication response message along

46

with new TCH information is shown in Figure 3.11. MN sends

acknowledgement to existing BS then connection is terminated with existing

BS. MN now requests to establish control channel SDCCH to new BS. New

BS establishes this control channel and the channel information is sent to

MN. Since existing MSC, new MSC and MN gets their own parameters to

compute the parameters needed for MICAuA. Also due to parallel processing

all computations are completed before establishing SDCCH. This reduces

the handover time also. MN sends connection request along with ex and r

values to new MSC/MIC. Similarly existing MSC sends the authentication

reply along with r value to new MSC/MIC. Then new MSC/MIC performs the

MICAuA authentication verification process in which it checks whether ex

generated by MN and new MSC/MIC generated ey are equal as well as r

value generated by MN and existing MSC/MIC are equal. If both conditions

are satisfied then MN is an authorized user otherwise MN is an intruder.This

is reperesented in Figure 3.12. If MN is intruder then network denies its

service. IMEI is used to computer r value and hence there is no need of

identity checking separately thereby reduces a step in handover. Since MN is

a genuine user to the existing MSC, both existing MSC and new MSC

authentication is sufficient to prove the MN as an authorized one.

47

Figure 3.10: Handover request with additional parameters and TCH activation

Figure 3.11: Handover indication responses with additional parameters

Figure 3.12: Dual Authentication

Once new MSC completes dual authentication, communication

starts immediately via new MSC and existing MSC with the help of TMSIold

(TMSI value which was used to communicate before handover process) as

shown in Figure 3.13. TMSIold is stored in MN, new MSC and existing MSC.

Hence any data received from CN by existing MSC is forwarded to new MSC

which is further forwarded to MN. Similarly any data packet received from the

48

MN by new MSC is forwarded to existing MSC which is further forwarded to

existing MSC and then to CN. Due to this data communication, dropage in

transmitted data and handover delay is reduced. Therefore for time sensitive

applications such as multimedia, voice and video the quality of information is

improved.

During communication, new MSC generates new TMSI and MSRN

values. TMSI is distributed to MN and also MSRN is distributed to home MSC

in parallel. There after MN gives the information for outgoing communication

to new MSC and new MSC establish the path (routing) to the CN which is

given in Figure 3.14. Until now the TCH used by existing BS to the particular

MN is not released instead it is kept on reserve. Now, because of the new

MSC established connection with CN, new MSC sends the TCH release

message to existing MSC, existing MSC forward this message to the

concerned BSC, and BSC releases the TCH information from its database

and also it sends release message to the concerned BS. The BS releases

the particular TCH and then sends acknowledgement to existing MSC

through BSC. Thereafter the released TCH can be utilized for new

communications. Existing MSC deletes

MSC/VLR database, there after there is no information available in existing

MSC . The above process is shown in detail in Figure 3.15.

49

Figure 3.13: Data communication via new MSC and existing MSC

Figure 3.14: New Path establishment

Figure 3.15: Proposed TCH release message

This data communication continues with TMSIold until the existing

MSC/VLR deletes . This increases communication

duration and there by reduces idle time and hence packet drops. Then

existing MSC sends the handover complete message to new MSC. New

MSC forward this handover complete message to MN so that the further data

packets are re-routed by new TMSI value and send to CN. All these

50

information are given along with the required parameters and the time on

which they are requested. The data flow is shown in Figure 3.16.

Figure 3.16: MICAuA in GSM heterogeneous inter MSC handover

3.3.1.4 Simulation Results

The Simulation is done in yellowjacket string Editor. The standard

transmission delay involved in the proposed as well as in the existing work is

shown in Table 3.1 [22].

51

Table 3.1: Transmission delay

Channel Type Transmission

Delay (ms)

SDCCH (Stand-alone Dedicated Control Channel) 14

SACCH (Slow Associated Control Channel) 14

FACCH (Fast Associated Control Channel) 38

BCCH (Broadcast Control Channel) 14

AGCH (Access grant Channel) 14

PCH (Paging Channel) 14

Intermediate nodes 10 (assume)

After authentication, the existing MSC forwards the data packets to

new MSC as shown in Figure 3.17. Figure 3.18 represents new path

establishment process and Figure 3.19 shows data communication after

handover completion process.

Figure 3.17: Simulation Result Data transfer from existing MSC to new MSC

52

Figure 3.18: Simulation Result New path establishment

Figure 3.19: Simulation Result Data transfer via new path

53

3.3.1.5 Comparison between existing and proposed procedure in GSM heterogeneous Inter MSC handover

Using simulation a comparison between the existing procedure and

proposed procedure run on various parameters are given in the Table 3.2

shown below.

Table 3.2: Comparison of various activities for GSM heterogeneous handover

Existing Work Proposed Work

Authentication type

Single authentication Double authentication

-

-

54


Identity privacy IMSI and IMEI numbers are unique numbers of MN. Transmit IMSI along with authentication request. Also transmit IMEI number along with identity request.

Instead of IMSI number, TMSI is used in the authentication algorithm. IMEI number is used to compute r values.

Based on handover delay, the percentage of reduction in handover

delay is 44% compared to existing procedure.

3.3.2 MICAuA in GSM homogeneous Inter MSC handover

Inter MSC handover within an access network is called

homogeneous inter MSC handover [86][87]. Homogeneous inter MSC

handover perform authentication process but it eliminates equipment identity

process.

3.3.2.1 Existing work

GSM homogeneous inter MSC procedure is same as

heterogeneous handover as discussed in section 3.3.1.1 but the only

55

difference is that identity checking is not needed. The handover parameters

and the sequence of the data flow is shown in Figure 3.20.

Figure 3.20: Data flow for existing GSM homogeneous handover


In the proposed work the TCH allocation procedure is same as in

the existing procedure but additional parameters are added and appended

and given to new MSC and MN. With the help of the additional parameters

MN is authenticated based on MICAuA algorithm. After the completion of

authentication, communications starts with the help of both MSCs. TMSI and

56

MSRN allocation and its activation will be done as parallel process, hence it

consumes less time. The new routing path is established from new MSC to

CN. Thereafter existing BS TCH is deactivated. After these processes, data

communication starts with new TMSI through new path. The parameters

involved in the handover and the detailed dataflow is shown in Figure 3.21.

Figure 3.21: Data flow for proposed GSM homogeneous handover

57

3.3.2.3 Comparison between existing and proposed work during GSM homogeneous Inter MSC handover

A comparison between existing and proposed work during GSM

homogeneous Inter MSC handover is made based on various parameters

and is shown in Table 3.3. The proposed procedure provides 34.7%

reduction compared to existing one in the handover delay.

Table 3.3: Comparison table for GSM homogeneous handover

Existing procedure Proposed procedure

Authentication Single Double

Handover delay 960ms 626ms

Parallel processing Not permitted Permitted

No of bits process 128 bits 512 bits

Packet dropage duration 806 ms 263 ms

3.3.3 IS-95 homogeneous inter MSC handover

IS-95 is a CDMA based network. In IS-95 soft and softer handover

are possible only with intra BSC, but in case of inter MSC hard handover is

only possible. Hence authentication is necessary during inter MSC handover.


In IS-95 authentication procedure, instead of COMP-128 algorithm,

CAVE algorithm is used [41]. The detailed flow diagram is shown in

Figure 3.22.


With the help of MIC agent homogeneous inter MSC, hard

handover is made as soft handover. The same radio frequency is shared by

both existing BS and new BS but the channels use different Walsh codes and

58

the mobile node communicates simultaneously with these BSs [88]. Due to

this, there is no data loss during handover. Figure 3.23 shows the detailed

handover procedure. In the MICAuA, for the computation of r value

(equation 3.1), ESN is used instead of IMEI.

Figure 3.22: Data flow for existing IS-95 homogeneous handover

59

Figure 3.23: Data flow for proposed IS-95 homogeneous handover

3.3.3.3 Simulation Results

After receiving the TCH and pn offset information, the data

transmission takes place in both BSs. Figure 3.24 shows the simulation

output for this scenario.

60

Figure 3.24: IS-95 soft handover

3.3.3.4 Comparison between existing and proposed work during IS-95 homogeneous Inter MSC handover

A comparison is made between existing and proposed works of IS-

95 homogenous inter MSC handover based on the output obtained from

yellowjacket string Editor and is shown in Table 3.4

Table 3.4: Comparison table for IS-95 homogeneous handover


Handover delay 798 ms 400 ms

Handover type Hard Handover Soft Handover

Data packet loss Yes No

Packet dropage duration 640 ms Nil

Percentage reduction in handover delay for the proposed procedure

is 49.9%

61

3.3.4 IS-95 Heterogeneous inter MSC handover

In IS 95 heterogeneous inter MSC both existing and proposed work

involves hard handover.


The diagrammatic representation of the parameter used and the

data flow is shown in Figure 3.25. Since ESN is applied in CAVE algorithm

itself there is no need for separate procedure for identity checking. This also

reduces the handover delay.

Figure 3.25: Data flow for existing IS-95 heterogeneous handover

62


In the proposed work MICAuA algorithm is applied for

authentication of IS-95 heterogeneous network. The data flow of the

handover is shown in Figure 3.26.

Figure 3.26: Data flow for proposed IS-95 heterogeneous handover

63

3.3.4.3 Comparison between existing and proposed procedure during IS-95 heterogeneous Inter MSC handover

By the simulation it is seen that the Percentage of handover delay

reduction in the case of proposed procedure is 50.54% compared to the

existing procedure. The comparison between the existing work and the

proposed work based on the output obtained from yellowjacket string Editor

simulator is shown in Table 3.5.

Table 3.5: Comparison table for IS-95 heterogeneous handover




Authentication Single Dual

Number of bits process 128 bits 512 bits


3.3.5 IS-95 to GSM heterogeneous inter MSC handover

IS-95 system supports both TDMA and CDMA based network. In

this vertical handover of the existing and proposed work is discussed below.


In vertical handover, cave algorithm is utilized for authentication.

Traffic channel and SDCCH activation, authentication procedure is discussed

in detail using the flow diagram shown in Figure 3.27.

64

Figure 3.27: Data flow for existing IS-95 to GSM heterogeneous handover


The MICAuA is applied for the vertical handover authentication so

as to reduce the handover delay. The procedural steps involved is shown in

Figure 3.28.

65

Figure 3.28: Data flow for proposed IS-95 to GSM heterogeneous handover

3.3.5.3 Comparison between existing and proposed procedure in IS-95 to GSM Inter MSC handover

The Percentage of reduction in handover delay in case of proposed

method is 42.61%. A detailed comparison made based on various

parameters for the existing and proposed work is shown in Table 3.6.

66

Table 3.6: Comparison table for IS-95 to GSM heterogeneous handover





Number of bits process 128 bits 512 bits


3.3.6 3G WCDMA Inter MSC handover

The authentication algorithm MICAuA is also applicable to 3G Inter

MSC handover. The existing handover and the proposed handover is studied

in detail and simulated. A comparison between the two is also made below.


In 3G except authentication, the remaining process remains same

as 2G. For authentication, the home MSC generates RAND and Sequence

Number (SQN). Figure 3.29 and Figure 3.30 show the existing procedure.

F1, F2, F3 F4 and F5 functions are generated based on RAND, Key (K),

Authentication and key Management Field (AMF), SQN etc., [89][90]. The

home network sends the Quintel (RAND, Expected Response (XRES), CK,

Integrity Key (IK), Authentication Token (AUTN)) to new MSC. New MSC

sends RAND and AUTN to MN. MN generates F1 to F5 functions and

forwards Response (RES) to new MSC. New MSC verifies whether the RES

send by MN and XRES send by home MSC are same. If same, then it sends

authentication complete message.


In the proposed work MICAuA is being applied for authentication

and found that the handover delay is reduced. The procedural step for

handover is shown in Figure 3.31.

67

Figure 3.29: Data flow for existing 3G WCDMA heterogeneous handover-1

68

Figure 3.30: Data flow for existing 3G WCDMA heterogeneous

handover-2

69

Figure 3.31: Data flow for proposed 3G WCDMA heterogeneous handover

3.3.6.3 Comparison between existing and proposed procedure during 3G-WCDMA Inter MSC handover

A comparison is made between the existing and the proposed work

for 3G WCDMA and is shown in Table 3.7.

70

Table 3.7: Comparison for 3G WCDMA heterogeneous handover in existing and proposed procedures





Number of bits processed 128 bits 512 bits


Percentage of reduction in handover delay for the proposed

procedure is 59.1%

3.4 CONCLUSION

In this chapter, how the authentication algorithm MICAuA is being

applied to various generations of mobile communication networks is

discussed. This chapter also provides a brief comparison between existing

mechanism and the proposed method and improvements are observed in the

proposed mechanism. Even though this algorithm provides improvements

from the existing system, the new BS is decided based on the signal strength

of neighbouring BSs given by MN. The signal strength obtained by the MN

will not be accurate due to signal reflection from buildings, mountains or

other reflective surfaces including water, etc. This leads to wrong prediction

of new BS. To avoid these drawbacks, and to find the accurate location of

MN, hybrid location prediction method is suggested which is discussed in

detail in the subsequent chapter.

3. authentication and equipment identification 3.1...

Documents