A Study Of The Security Of 3G Network Signaling System

With the vigorous development of the modern mobile technology, the third generation mobile communication technology has worldwide commercialization and quickly replaced the original mobile communication technology. The 3G has many advantages, such as communication speed, strong network performance, bearing capacity strong volume, etc. So the application of 3 g technology has brought unprecedented changes to people’s life and played an unimaginable role.IP multimedia subsystem, IMS, is the core part of the 3G networks, which are included in the communication network access layer, transport layer, control layer and application layer that need to be controlled and interacted by the IMS. In the IMS, session initial protocol, SIP, is an important signaling control protocol. The protocol control subsystems of the IMS to create, modify, and terminate one or more of the session. At the same time, due to the important role of this agreement, its flexible, simple, strong openness and good compatibility, it has be made to the agreement of a session control protocol standard. Using the SIP protocol, can make the users’ experience of new services such as instant messaging and online status.Although the SIP protocol has been widely used, but there still exists many security problems. Based on this, the HTTP digest authentication, S/MIME mechanism, TLS, IPsec mechanism has been developed and used. And HTTP digest authentication of SIP protocol compatibility for the best, so the mechanism is the default security authentication mechanism of SIP protocol. The author’s major contributions are outlined as follows:1. This paper introduces the development history of 3G, and the structure of the IMS system was introduced in detail. Then it focuses on the SIP protocol analysis and research, studies the current research status, research results, analyzes that it may face the main attack, etc.2. After the comprehensive analysis on the SIP security issues, rather than on the security front, this paper has a good study and analysis of HTTP digest authentication and comparing with other security mechanisms, such as S/MIME, TLS. The analysis results show that themechanism is very vulnerable to attacks such as server, offline password guessing attack, replay attack and other illegal attacks.3. Aiming at the defects of traditional HTTP digest authentication, the domestic some both-way HTTP digest authentication was proposed. So, this paper researches and analyzes the both-way authentication, and puts forward an improved on the basis of the bidirectional HTTP digest authentication, that is called s HTTP digest authentication. At the same time, combining with the server disguised attack, replay attack, registration hijacking attack and offline guess attack, it analyzes the advantages and disadvantages of three kinds of the certification and compared each other. Analysis results show that the presented s HTTP digest authentication is a good defense of these four attacks.4. Based on the summary s HTTP certification, the SIP call process was improved, and a safety analysis for the process of SIP call has be done, which respectively analyzes the session Key, the Hash algorithm and AES encryption algorithm. Finally, using the FETCH news communication, the article in the laboratory constructs the function and makes a simulation on servers, switches and other devices to realize the SIP session.