1. Field of the Invention
The present invention relates to a communication system, and more particularly to a method for processing an access-request message to authenticate a subscriber for a packet service in an IMT-2000 system.
2. Background of the Related Art
In an IMT-2000 system, packet service is provided by performing authentication, authorization to access, and billing. The packet service is thus kept secure.
In the IMT-2000 system, an Authentication, Authorization and Accounting (AAA) server performs the authentication, access authorization, and billing for an account. A Foreign Agent (FA) requests AAA service from the AAA server and provides a packet service for a subscriber to be authenticated by the AAA server. Transmission and reception between the AAA server and the FA is typically performed using a Remote Authentication Dial In User Service (RADIUS) protocol.
The RADIUS protocol is a client/server protocol by which the AAA server authenticates users who request a connection through a dial-up modem, and by which those users' access to a requested system or service is authorized by a central server. The RADIUS protocol keeps user information in a central database so that every remote access server can share the same information.
FIG. 1 is a flow chart illustrating the transmission and reception of a RADIUS protocol message between the FA and the AAA server in a related art IMT-2000 system. As shown in FIG. 1, the RADIUS protocol has an authentication message, an authorization message and an account message.
The authentication message is used to authenticate a user when the user logs on to an individual network or a public network including the Internet, for which a password is typically required.
The authorization message is used to determine who is authorized to access a corresponding system in a multi-user computer system. It also indicates use authorization, such as an access range of a file, an allowed access time, or an allocated storage space.
The authentication message and the authorization message include an access-request message for requesting access to a network of a terminal, an access-accept message for accepting the access to the network of the terminal, an access-reject message for rejecting the access to the network of the terminal, and an access-challenge message for requesting a challenge for the terminal.
The account message is used to indicate the initialization of a packet service, a time and amount of the packet service to be provided, or the termination of the packet service. The account message includes an account-request message for requesting generation of billing information and an account-response message for accepting generation of billing information.
FIG. 2 shows the format of the RADIUS message. As shown in FIG. 2, the message contains a code field, an identifier field, a length field, an authenticator field, and an attribute field. The code indicates the type of the message and is 1 byte in size. The identifier identifies messages by session and is 1 byte in size. The length indicates the overall length of the message, including the code, the identifier, and the length field itself. The authenticator is a value used for authentication and is 16 bytes in size. The attribute field carries the attributes of the main data.
The RADIUS protocol message has an authenticator field used for authentication; the value of the authenticator is a value that the FA produces arbitrarily. This value is not to be repeated: a value that has been used before should not be used again. The reason the authenticator is an arbitrary value is to prevent a hacker from stealing a message for malicious purposes. If the authenticator were fixed for a given message, a hacker could obtain a normal access-accept message from the AAA server by reusing the authenticator of a message that had been produced with the shared secret key, even though the hacker does not know the value of the shared secret key. Thus, the authenticator value needs to change every time a message is generated, which prevents this attack.
A related art method for processing the AAA to provide the packet service in the IMT-2000 system will now be described.
As shown in FIG. 1, when the FA 1 transmits the access-request message for requesting an access to the AAA server 2 (S1), the AAA server 2 analyzes the access-request message to perform user authentication. If the user is successfully authenticated, the AAA server 2 transmits the access-accept message to the FA 1 (S2). When the access-accept message is transmitted, a connection is established. When packet data is transmitted and received, the FA 1 transmits an account billing request message for billing to the AAA server 2 (S3). The AAA server 2 then verifies the received account billing request message. If the account billing request is verified, the AAA server 2 transmits an account billing accept message to the FA 1 (S4).
FIG. 3 is a flow chart illustrating a related art method for generating an access-request message in the FA of the IMT-2000 system. As shown in FIG. 3, the FA 1 generates an arbitrary 16 byte value to use as an authenticator (S11). The FA 1 next encrypts the user password by using the generated authenticator, the user password, and the secret key held in common by itself and the AAA server 2 (S12). It then writes the encrypted user password in the attribute field to generate an access-request message (S13) and transmits the access-request message to the AAA server 2 (S14).
FIG. 4 is a flow chart illustrating a related art method for processing the access-request message received at the AAA server of the packet system. As shown in the drawing, the AAA server 2 decodes the received access-request message (S21). In order to decrypt the encrypted user password, the AAA server 2 inputs the authenticator value included in the decoded access-request message, the secret key held in common by the FA 1 and the AAA server 2, and the encrypted user password to an MD5 (Message Digest: encrypting/decrypting algorithm) and executes the MD5 algorithm, thereby decrypting the user password (S22).
The AAA server 2 next compares the decrypted user password and a user password of a corresponding user stored in the database (S23) and performs user authentication. Upon comparison, if the two user passwords are identical to each other, the user authentication is determined to have been successfully performed. If, on the other hand, the two user passwords are not identical, the user authentication is determined to have failed (S24).
If the user authentication has been successfully performed, the AAA server 2 generates the access-accept message and transmits it to the FA 1. If the user authentication has failed, the AAA server 2 generates an access-reject message and transmits it to the FA 1.
A method for generating the access-accept message will now be described. The AAA server 2 puts a value signifying the access-accept message in the code field, and the ID value included in the received access-request message in the ID field. The whole length value of the access-accept message is put in the length field, and the value of the authenticator field of the access-request message is put in the authenticator field. The AAA server 2 also puts the attribute values, which are the information to be carried by the access-accept message, in the attribute field and thus generates the access-accept message.
The AAA server 2 inputs the access-accept message and the shared secret key known between the FA 1 and itself to the MD5 algorithm and executes the MD5 algorithm. As the MD5 algorithm is executed, a 16 byte message digest is created. The message digest is put in the authenticator field of the access-accept message to finally generate an access-accept message. The AAA server 2 then transmits the finally generated access-accept message to the FA 1.
Upon receipt of the access-accept message, the FA 1 reads the ID value of the access-accept message, looks up the access-request message matching that ID, and retrieves the authenticator value of that access-request message.
The FA 1 stores the authenticator value of the access-accept message in a temporary storage area and writes the authenticator value of the access-request message in the authenticator field of the access-accept message. The FA 1 then executes the MD5 algorithm using the access-accept message whose authenticator field has been newly filled and the shared secret key already known between the FA 1 and the AAA server.
Thereafter, the FA 1 compares the 16 byte message digest value, that is, a value obtained by executing the MD5 algorithm, with the temporarily stored authenticator value, to verify the received access-accept message. If the message digest value and the temporarily stored authenticator value are identical to each other, the FA 1 determines that the received access-accept message is verified. If, however, the two values are not identical to each other, the FA 1 determines that the received access-accept message is not verified, discards the message, and transmits the access-accept message back to the AAA server 2.
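The FA-side steps of FIG. 3, the AAA-side steps of FIG. 4, and the access-accept generation and verification just described, carried through as an added example in Python (not code from the patent; the password encryption assumes the standard RFC 2865 MD5/XOR construction, and the secret, user and password values are constructed samples):

```python
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2   # 1-byte code field values
USER_NAME, USER_PASSWORD = 1, 2        # attribute types used here

def attr(atype, value):
    # One attribute: type (1 byte), length including this 2-byte header, value
    return bytes([atype, 2 + len(value)]) + value

def packet(code, ident, authenticator, attrs):
    # Code, identifier, length of the whole message, 16-byte authenticator, attributes
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + authenticator + attrs

def hide_password(password, secret, request_auth):
    # FA side (S12): each 16-byte block is XORed with MD5(secret + previous block),
    # the first block keyed by the authenticator, so the same password hides differently each time
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], hashlib.md5(secret + prev).digest()))
        out += prev
    return out

def reveal_password(hidden, secret, request_auth):
    # AAA side (S22): same key stream, chained on the received hidden blocks
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        out += bytes(c ^ k for c, k in zip(hidden[i:i + 16], hashlib.md5(secret + prev).digest()))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def build_access_request(ident, user, password, secret):
    # FA side (S11-S13): fresh random 16-byte authenticator, never reused
    request_auth = os.urandom(16)
    attrs = attr(USER_NAME, user) + attr(USER_PASSWORD, hide_password(password, secret, request_auth))
    return packet(ACCESS_REQUEST, ident, request_auth, attrs)

def build_access_accept(request, attrs, secret):
    # AAA side: same ID as the request; authenticator = MD5 of the reply computed with the
    # request's authenticator in its authenticator field, followed by the shared secret
    ident, request_auth = request[1], request[4:20]
    digest = hashlib.md5(packet(ACCESS_ACCEPT, ident, request_auth, attrs) + secret).digest()
    return packet(ACCESS_ACCEPT, ident, digest, attrs)

def verify_access_accept(reply, request_auth, secret):
    # FA side: recompute the authenticator with the stored request authenticator, compare in constant time
    expected = hashlib.md5(reply[:4] + request_auth + reply[20:] + secret).digest()
    return hmac.compare_digest(reply[4:20], expected)
```

Note that the FA can verify the access-accept message only because it stored the authenticator of its own access-request; the AAA server has no such stored value for an incoming access-request, which is the asymmetry the next paragraphs describe.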
The related art IMT-2000 system has various problems. For example, after the user password is encrypted using the authenticator value, the FA 1 generates a final access-request message. Thus, when the AAA server 2 receives the access-request message, it decodes the access-request message and verifies the value of the attributes field of the access-request message, that is, the encrypted user password. Consequently, when the access-request message is received, the access-request message must be analyzed to authenticate the user. In addition, authentication is performed only for the user; it is not possible to authenticate the access-request message itself.
Therefore, if a malicious hacker transmits a large quantity of false access-request messages to the AAA server 2, the AAA server 2 must analyze the false access-request messages one by one and perform authentication using the values of the attribute field. In this case, since the AAA server 2 performs various processes to attempt authentication, such as referring to the database and other resource allocation, the system becomes overloaded, causing the system to crash.
The above references are incorporated by reference herein where appropriate for appropriate teachings of additional or alternative details, features and/or technical background.