WO2007098660A1

WO2007098660A1 - An authentication method and system between network entities in ip multimedia subsystem

Info

Publication number: WO2007098660A1
Application number: PCT/CN2006/003628
Authority: WO
Inventors: Yang Xin; Fuyou Miao; Yixian Yang; Kai Zhao; Bing Liu; Pengchao Li
Original assignee: Huawei Technologies Co., Ltd.; Beijing University Of Posts And Telecommunications
Priority date: 2006-03-02
Filing date: 2006-12-27
Publication date: 2007-09-07
Also published as: CN101030854A; CN101030854B

Abstract

An authentication method and system between network entities in IP Multimedia Subsystem (IMS). The method includes: calculate an authentication vector (AV) according to the relationship between the entity identity identifier and the uniform resource identifier and said entity identity identifier; the authentication initiation entity acquires said AV; said anthentication initiation entity sends an authentication challenge including parameters in the AV to the authentication response entity, said authenticaion response entity calculates according to the paremeters in said AV and sends the result to said authentication initiation entity via a authentication response message, so that said authentication is completed. A corresponding network entity authentication system includes an authentication response entity, an authentication initiation entity and a home subscriber server, and still includes an AV acquisition unit, an authentication challenge sending unit, an authentication calculation unit and an authentication determination unit. The invention solves the security problem between network entities in the art and increases the security reliability of the IMS. Also the authentication procession is simple and is adapted to real time communication service.

Description

Mutual authentication method and system for network equipment in multimedia subsystem The application is filed on March 02, 2006, and the application number is 200610057977.2, and the invention name is "mutual authentication method and system of network entity in multimedia subsystem" Priority of Chinese Patent Application, the entire contents of which is incorporated herein by reference. Technical field

The present invention relates to the field of communication and network security technologies, and in particular, to a mutual authentication method and system for network devices in an IP Multimedia Subsystem (IMS). Background technique

The IP Multimedia Subsystem (IMS, IP Multimedia Subsystem) is access independent. The network elements defined in the IMS framework include a Serving Call Session Control Function (S-CSCF), a Proxy Call Session Control Function (P-CSCF: Proxy Call Session Control Function), and an Inquiring Call Session Function Entity ( I-CSCF: Interrogating Call Session Control Function), Media Gateway Control Function (MGCF: Media Gateway Control Function), Home Subscriber Server (HSS: Home Subscriber Server), SLF (Subscription Locator Function), etc. There are also functional entities such as a multimedia resource function controller (MRFC) and a multimedia resource function processor (MRFP) that implement multi-party conferences.

In order to ensure the security of IMS, two types of security are mainly considered, namely, user access security and IMS internal function module security. Figure 1 shows an existing IMS security architecture.

In the architecture shown in Figure 1, the following interfaces need to provide security:

1) Provide two-way authentication between the user and the IMS network. The HSS implements the authentication function between the user equipment and the S-CSCF. The HSS is responsible for generating the key, and the long-term key is stored in the secure memory of the user and is stored by the user's private identification (IMPI). Each user should have only one IMPI, and there can be multiple user public identities (IMPUs) externally.

2) A secure connection is required between the user terminal (UE) and the P-CSCF to ensure that the security association can provide protection for the Gm interface. Here, the security association refers to the negotiation and unification of security mechanisms, parameters, etc. between two or more entities on the network, and Gm refers to the UE and Reference point between P-CSCFs.

In addition, data source authentication should be provided, that is, to ensure that the source of the received data matches the source of its claim.

3) Provide security between CSCF and HSS in the network domain.

4) Provide network domain security between CSCF network entities between different networks across the home network and the access network.

5) Provide security between CSCFs within the same network. This security association also applies if the P-CSCF is present in the home network.

Among them, 1, 2 is called the security of the IMS access network, and 3, 4, and 5 are the security of the functional modules in the network domain.

The security of the IMS network is based on the user's private identity and the key on the card. IMS defines its own IMS Subscriber Identity Card (ISIM-IMS SIM). The ISIM card is a functional carrier defined in IMS. It is similar to the SIM card used in existing mobile phones. It is generally used in mobile terminals. It is similar to Universal Mobile Telecommunications System (UMTS- Universal Mobile).

Telecommunications System's UMTS Subscriber Identification Card (USIM), which stores IMS-related security data and algorithms. The ISIM card exists on the Universal Integrated Circuit Card (UICC) chip and does not share the security function with the USIM card, but it can also be shared with the USIM. The ISIM card defined in the prior art mainly includes the following parameters:

IMPI: IM personally identifiable information

IMPU: One or more IM public identity

The domain name of the user's network

SQN serial number in the IMS domain

Authentication key (the basis of IMS security)

In the IMS network, only the ISIM card and HSS share these secret parameters and algorithms, and no other network device knows the key and private identity IMPI. Authentication, encryption and integrity protection, etc. in the present invention are based on these parameters.

Since the IMS network adopts an IP technology system with more security problems, the current IMS has no mature application and does not have a perfect security mechanism, so there exists between network devices. Communication security issues, such as:

After a UE successfully registers with the P-CSCF, another legitimate UE with a malicious purpose may attempt to masquerade as a P-CSCF to send a SIP message to the S-CSCF. On this basis, since the P-CSCF can serve multiple UEs at the same time, the malicious UE can use the identity of the P-CSCF to send a message to the S-CSCF that affects other users. For example: User A is communicating with the S-CSCF through the P-CSCF, and the malicious UE now uses the identity of the P-CSCF to send a forged message "User A requests to interrupt communication". The S-CSCF assumes that this is User A. The request causes user A communication to be interrupted. However, the P-CSCF cannot generate billing information and may attack other users.

For the above mentioned issues, the following guidelines are generally used to prevent illegal attacks: Devices that access the S-CSCF should be strictly part of the core network devices, which only serve IMS. It should be ensured that the UE cannot directly send IP packets directly to network devices outside the IMS restrictions, that is, only IP packets can be sent to the assigned P-CSCF or server.

Some measures are taken to prevent malicious UEs from masquerading IMS core network devices at the IP layer, especially for P-CSCF.

The access network provides a general protection mechanism to prevent malicious UEs from IP address spoofing.

In order to solve the above mentioned security problems, according to the recommendations of the guidelines, a certain authentication method and a method for preventing BP spoofing are mainly used to implement attacks against malicious UEs.

In the prior art, the following two technical solutions are mainly used to implement IMS security.

1. IPSec Encapsulating Security Payload (ESP)

The IPSec encapsulated security payload IPSec ESP mechanism is used between the various security domains in the IMS and between the nodes in the security domain for integrity, confidentiality, and data source authentication. IPSec first uses the IKE key exchange protocol to establish an SA security association. ESP uses various security parameters (such as encryption algorithms, key distribution, etc.) agreed upon in the SA to encrypt subsequent communications.

In the scheme of using IPSec to encapsulate the security payload,

1) The IKE negotiation process is cumbersome and complicated, and is used in P-CSCF and S-CSCF authentication, which is not suitable for real-time communication.

2) IKE negotiation requires the use of a pre-shared key, which is pre-customized by both parties. IPSec is a protocol based on IP. For a pre-shared key, it can only be established. On the basis of the IP of the other party, this makes the pre-shared key authentication only applicable to the fixed IP address, and limits the use of the authentication method by the network device using DHCP (Dynamic Host Configuration Protocol).

2. Border routers prevent IP spoofing

Configure the border router to prohibit packets entering from the external network but claiming that they have an internal network IP address through the router. In this way, packets sent from external IP spoofing attacks are filtered by the router to ensure the security of the target host. In IMS, a border router is used at the reference point between the visited network and the home network. As shown in FIG. 2a, a border router is deployed between the UE and the P-CSCF when the P-CSCF belongs to the home network; as shown in FIG. 2b, when the P-CSCF belongs to the access network, the P-CSCF and the S-CSCF Deploy border routers. If the P-CSCF accesses the network, the S-CSCF provides a trust mechanism to the P-CSCF, that is, the IP of the P-CSCF is legal for the border router. Since the P-CSCF does not belong to the internal network in this case, if the UE spoofs using the IP of the P-CSCF, the border router cannot recognize it.

Border routers can only act on external IP spoofing, and there is nothing that can be done inside the network. Summary of the invention

The object of the present invention is to provide a mutual authentication method and system for network devices in a multimedia subsystem, so as to improve the security and reliability of the multimedia subsystem.

An embodiment of the present invention provides a mutual authentication method for a network device in a multimedia subsystem, where an entity identity identifier of the authentication response network device is stored in the authentication response network device, and the entity identity identifier and the location are stored in the home subscriber server. Corresponding relationship between the entity identity identifier and the universal resource identifier of the authentication response network device, the method comprising the following steps: the authentication initiation network device receives the service request message sent by the authentication response network device, and from the service request message Obtaining a universal resource identifier of the authentication response network device; the authentication initiation network device sends an authentication vector request to the home subscriber server, where the authentication vector request includes a universal resource identifier of the authentication response network device;

Querying, by the home subscriber server, the entity identity identifier of the corresponding authentication response network device according to the corresponding relationship and the universal resource identifier of the authentication response network device; And calculating an authentication vector according to the entity identity, and sending the authentication vector to the authentication initiation network device, or sending the entity identity identifier to the authentication initiation network device, where the authentication initiation network device is configured according to the Calculating an authentication vector for the entity identity identifier;

The authentication initiation network device sends an authentication challenge to the authentication response network device, where the authentication challenge includes parameters in the authentication vector;

After receiving the authentication challenge, the authentication response network device parses the parameters in the authentication vector, performs operations according to parameters in the authentication vector, and sends the result of the operation to the Authentication initiates a network device;

After receiving the authentication response message, the authentication initiation network device determines whether the authentication is successful according to the content of the authentication response message; if the authentication is successful, sends an authentication success message to the authentication response network device.

The embodiment of the present invention further provides a mutual authentication system for a network device in a multimedia subsystem, including a home user server, a first network device, and a second network device.

The home subscriber server, where the entity identity identifier of the second network device and the correspondence between the entity identity identifier and the universal resource identifier of the second network device are stored; and the authentication vector is calculated according to the entity identity identifier and Sending the authentication vector to the first network device, or sending the entity identity identifier to the first network device, where the first network device calculates an authentication vector according to the entity identity identifier;

The first network device includes:

An authentication information obtaining unit, configured to receive and obtain a universal resource identifier of the second network device, and obtain the authentication vector calculated according to the entity identity identifier;

An authentication information sending unit, configured to send an authentication challenge to the second network device, where the authentication challenge includes the authentication vector;

An authentication determining unit, configured to determine, according to the authentication response of the second network device, whether the authentication is successful;

And the second network device, where the entity identity of the second network device is stored, and the authentication interaction with the first network device includes:

And an authentication operation unit, configured to perform an operation on the authentication vector from the first network device, and feed back the result of the operation to the first network device by using an authentication response. In summary, in the technical solution provided by the embodiment of the present invention, the AKA authentication and key agreement process is much more than the IPSec, and is suitable for real-time communication services.

The entity identity of the authentication response network device is bound to the universal resource identifier, and the network device using DHCP (Dynamic Host Configuration Protocol) can adopt IPSec IKE. The border router has the ability to identify the external trusted network device, thereby solving the problem of illegally masquerading the authentication response network device regardless of whether the authentication response network device is in the internal home network or the external access network. For example, the UE illegally masquerades as a P-CSCF.

Border routers not only protect against peripherals, but also prevent spoofing between internal network devices, such as spoofing between P-CSCFs. Thereby improving the security and reliability of the multimedia subsystem. DRAWINGS

FIG. 1 is a schematic diagram of an IMS security architecture in the prior art;

Figure 2a shows the deployment of the border router of the P-CSCF in the home network in the prior art; Figure 2b shows the deployment of the border router when the P-CSCF accesses the network in the prior art; A schematic diagram of a process of S-CSCF and P-CSCF authentication when the UE is located in the home network in an embodiment;

FIG. 4 is a schematic diagram showing the generation of an authentication vector in the first embodiment of the present invention; FIG.

FIG. 5 is a schematic diagram of an authentication algorithm according to a first embodiment of the present invention; FIG.

6 is a diagram showing an S-CSCF and a UE in a roaming state in a second embodiment of the present invention;

Schematic diagram of the process of P-CSCF certification;

FIG. 7 is a diagram showing the S-CSCF and the UE in a roaming state in the third embodiment of the present invention;

Schematic diagram of the process of P-CSCF certification;

FIG. 8 is a diagram showing the S-CSCF and the UE in a roaming state in the fourth embodiment of the present invention;

Schematic diagram of the P-CSCF authentication process;

FIG. 9 is a structural diagram of an authentication apparatus according to an embodiment of the present invention. detailed description

The invention will now be further described with reference to the drawings and embodiments. Authentication between network entities is exemplified by authentication between the P-CSCF and the S-CSCF.

Typically, IMS defines AKA (authentication and key agreement) as two-way authentication between the user and the home network. In an embodiment of the invention, the AKA mechanism is extended between network devices The authentication is performed, and the P-CSCF and the S-CSCF in the IMS network device are mutually authenticated, thereby better solving the problem that the UE masquerades as the P-CSCF and the S-CSCF to directly send the SIP message.

In an embodiment provided by the present invention, an entity identity is first stored in the P-CSCF to identify the identity of the P-CSCF, the entity identity containing the following information:

P-CSCF identity information

P-CSCF private key K

Name of the network to which the P-CSCF belongs

At the same time, the correspondence between the entity identity, the entity identity, and the Session Initiation Protocol Uniform Resource Identifier (SIP URI) of the P-CSCF is stored in the HSS. In the subsequent authentication process, the private key K of the P-CSCF will be used as the pre-shared key for AKA authentication.

After the UE registers in the IMS network, the signaling path between the UE and the S-CSCF has been established. At this time, the UE's location has two conditions: it is within the home network, and it is roaming. The authentication schemes of the S-CSCF and the P-CSCF in these two cases are described in detail below using different implementation schemes.

Example 1:

When the UE is in the home zone, that is, in the non-roaming state, the UE sends a SIP message INVITE to the home zone P-CSCF, including the initial session description protocol SDP. The initial SDP may contain one or more media descriptions. Next Home Zone The P-CSCF selects the location of the next hop CSCF. In the non-roaming state, the next hop is the home zone S-CSCF. Prior to this, the authentication process of the home zone S-CSCF and the home zone P-CSCF is triggered, which is similar to the AKA authentication. Referring to Figure 3, the certification process is as follows:

Step 101: The home zone S-CSCF sends an authentication vector request to the home zone HSS, where the content of the request includes the SIP URL of the P-CSCF to be authenticated.

Step 102: The home zone HSS queries the entity identity information of the P-CSCF according to the universal resource identifier (SIP URI) of the home zone P-CSCF that is requested to be registered, and uses the private key of the P-CSCF as the pre-shared secret. Key K, calculates the authentication vector.

Referring to FIG. 4, the home area HSS generates some parameters using fl ~ f5 to calculate the authentication vector AV, which is a quintuple composed of RAND, XRES, CK, IK, and AUTN. In the figure, K is the private 128-bit key of the P-CSCF, and only the P-CSCF and HSS store the key. Information; SQN is a 48-bit serial number; RAND is a 128-bit random number; AMF is a 16-bit message authentication field; MAC is a 64-bit message authentication code generated by function fl; XRES is a 64-bit expected response value generated by the function CK is the 128-bit encryption key generated by function β; ΙΚ is the 128-bit integrity key generated by function f4; AK is the 48-bit anonymous key generated by function f5; AUTN is the authentication token; AV authentication vector, That is, the five-tuple.

Step 103: The home zone HSS returns the calculated authentication vector to the S-CSCF. Step 104: The home zone S-CSCF sends an authentication challenge to the home zone P-CSCF, including the random number RAND and the authentication token AUTN.

Step 105: The home zone The P-CSCF calculates the XMAC after receiving these, and checks whether the XMAC is equal to the MAC and whether the SQN is in the correct range. If the check is successful, the P-CSCF calculates RES and calculates CK and IK:.

Referring to FIG. 5, the P-CSCF first calculates an anonymous key according to RAND and AUTN in the authentication request message: AK=f5 _k (RAND),

And according to the modulo two plus SQN=(SQN ® ΑΚ) Θ ΑΚ;

Next, the P-CSCF calculates XMAC=fl _k (SQN II RAND II AMF) and compares it with the MAC included in the AUTN. If the different indicates that the authentication is unsuccessful, a new authentication process or report failure may be initiated. If the MAC and XMAC are the same, further verify whether the SQN is in the correct range. If it is within the correct range, calculate RES, otherwise a synchronization failure message will be sent, and the S-CSCF will send a synchronization failure message to the HSS, starting with the HSS. The synchronization process.

Step 106: The P-CSCF sends the calculated authentication parameter to the S-CSCF through the authentication response message.

Step 107: The S-CSCF compares the RES sent by the XRES and the P-CSCF. If the comparison is the same, the P-CSCF is successfully authenticated, and subsequent communication can be performed.

Step 108: The S-CSCF sends an authentication success message to the P-CSCF.

Step 109: After the authentication is completed, both parties determine that CK and IK are assigned keys.

At this point, the authentication between the P-CSCF and the S-CSCF is completed. Subsequent session messages will be encrypted using the keys CK, IK. In this embodiment, the authentication between the P-CSCF and the S-CSCF is triggered when the UE sends a message. If necessary, the S-CSCF can trigger two-way authentication between the S-CSCF and the P-CSCF. The identity private key K of the P-CSCF is independent of the identity of the UE, so the triggering of the authentication is not necessarily related to the UE.

Example 2:

When the UE is in the roaming state, the authentication process is triggered when the roaming area P-CSCF directly requests the service from the home zone S-CSCF. See Figure 6. The certification process is as follows:

Step 201: The home zone S-CSCF may query the address of the roaming zone HSS according to the SIP URI information in the P-CSCF sending message, and the home zone S-CSCF requests the P-CSCF entity identity identifier from the roaming zone HSS. 102 is similar.

Step 202: The roaming area The HSS transmits the entity identity (including the identity, the private key, and the home network) of the P-CSCF to the home zone S-CSCF. The information is transmitted by the S-CSCF public key in the home zone and digitally signed to ensure the privacy, integrity and authenticity of the transmitted information.

Step 203: The home zone The S-CSCF calculates an authentication vector according to the obtained entity identity. Step 204: The home zone S-CSCF and the roaming zone P-CSCF complete the AKA two-way authentication, and the authentication step is similar to the step of Embodiment 1, and details are not described herein again.

Example 3:

In the above embodiment, the authentication vector is calculated in the S-CSCF, and the authentication vector can also be calculated in the HSS. Referring to Figure 7, the authentication steps are as follows:

When the roaming area is roaming, the authentication process is triggered when the roaming area P-CSCF requests the service directly from the home zone S-CSCF.

Step 301: The home zone S-CSCF may query the address of the roaming zone HSS according to the SIP URI information in the P-CSCF sending message, and the home zone S-CSCF sends an authentication vector request to the roaming zone HSS. SIP URL of the authenticated P-CSCF

Step 302: The roaming area HSS queries the entity identity information of the P-CSCF according to the universal resource identifier (SIP URI) of the home zone P-CSCF, and calculates an authentication vector according to the pre-shared key K therein.

Step 303: The roaming area HSS returns the calculated authentication vector to the home zone S-CSCF. The transmission of information is encrypted by the public key of the home zone S-CSCF and digitally signed to ensure the privacy, integrity and authenticity of the transmitted information.

Step 304: The home area S-CSCF and the roaming area P-CSCF complete the AKA two-way authentication, and the authentication step is similar to the steps of Embodiment 1, and will not be described again.

This technical solution does not conflict with IPSec. It is not a substitute and replaced relationship. The entity identity private key K can be used as a pre-shared key for IPSec to establish a security association, thus providing good compatibility.

Example 4:

When the UE is in the roaming state, the authentication process is triggered when the roaming area P-CSCF directly requests the service from the home zone S-CSCF. See Figure 8. The certification process is as follows:

Step 401: The home zone S-CSCF sends a request to the roaming zone S-CSCF to request authentication of the P-CSCF.

Step 402: The roaming area S-CSCF and the P-CSCF perform AKA two-way authentication.

Step 403: The roaming area S-CSCF transmits the identity information of the P-CSCF (including the identity identifier, the private key K, the home network) to the home zone S-CSCF, and the communication keys CK and ΙΚ: obtained by the step 402 authentication. The information is transmitted by the S-CSCF public key in the home zone and digitally signed to ensure the privacy, integrity and authenticity of the transmitted information.

Step 404: The S-CSCF of the home zone establishes a trust relationship with the roaming zone P-CSCF. There are two modes:

1. Security mode: Use the private key of the P-CSCF passed by the S-CSCF in the roaming area Κ,

The P-CSCF performs another authentication with the S-CSCF of the home zone.

2. Fast mode: Roaming area P-CSCF and home area S-CSCF uses CK and IK for subsequent encrypted communication.

Since the authentication of the scheme AKA is established on the P-CSCF identity private key K, K is allocated in advance outside the network, thereby ensuring the confidentiality of K. On the one hand, AKA's results allow both parties to authenticate each other, negotiating CK and IK for subsequent sessions. CK is used to guarantee the confidentiality of messages; IK is used to guarantee integrity.

In the embodiment of the present invention, a mutual authentication system for a network device in a multimedia subsystem is further provided. Referring to FIG. 9, an authentication response network device 910 and an authentication initiation network device 920 are provided. And the home server 930, the authentication initiating network device 910 includes an authentication information acquiring unit 911, an authentication challenge sending unit 912, and an authentication determining unit 913, where the authentication response network device 920 includes an authentication computing unit 921, the authentication response network. The device 920 is provided with an entity identity identifier of the authentication response network device, and the entity identity identifier and the corresponding relationship between the entity identity identifier and the universal resource identifier of the authentication response network device are set in the home subscriber server.

The authentication information acquiring unit 911 is configured to authenticate the initiating network device to obtain an authentication vector, and the response network device 920 sends an authentication challenge, where the authentication challenge content includes the authentication vector;

The authentication operation unit 921 is configured to: after the authentication response network device 920 receives the authentication challenge, parse the authentication vector, perform an operation according to the authentication vector, and use the authentication determining unit 913 for the After the authentication initiation network device receives the authentication response, the content of the authentication response determines whether the authentication is successful.

The authentication initiation network device 910 may be an S-CSCF, and the authentication response network device 920 may be a P-CSCF.

The preferred embodiments of the present invention have been described in detail by way of example, but those skilled in the art will recognize that various modifications and equivalents can be made to the embodiments of the present invention without departing from the spirit and scope of the invention. .

Claims

Rights request

A mutual authentication method for a network device in a multimedia subsystem, wherein the authentication response network device stores an entity identity identifier of the authentication response network device, and stores the entity identity identifier in a home subscriber server Corresponding relationship between the entity identity identifier and the universal resource identifier of the authentication response network device, the method includes the following steps: the authentication initiation network device receives the service request message sent by the authentication response network device, and requests from the service Obtaining, in the message, a universal resource identifier of the authentication response network device;

The authentication initiating network device sends an authentication vector request to the home subscriber server, where the authentication vector request includes a universal resource identifier of the authentication response network device;

The home subscriber server queries the corresponding entity identity identifier of the authentication response network device according to the correspondence relationship and the universal resource identifier of the authentication response network device; the home subscriber server calculates an authentication vector according to the entity identity identifier. And sending the authentication vector to the authentication initiation network device, or sending the entity identity identifier to the authentication initiation network device, where the authentication initiation network device calculates an authentication vector according to the entity identity identifier;

2. The mutual authentication method according to claim 1, wherein the entity identity identifier comprises identity information of the authentication response network device, a private key of the authentication response network device, and a name of the network to which the authentication response network device belongs.

The mutual authentication method according to claim 1, wherein, when the user equipment is in the home zone state, the authentication initiation network device and the authentication response network device are the home zone authentication initiation network device and the authentication response network device.

The mutual authentication method according to claim 1, wherein, when the user equipment is in the roaming area, the authentication initiation network device is a home zone authentication initiation network device, and the authentication response network device is a roaming zone authentication response. Internet equipment.

The mutual authentication method according to claim 1, wherein when the user equipment is in the roaming area, the authentication response network device is a roaming area authentication response network device, and the authentication response network device service request message is received. The authentication initiation network device is a home zone authentication initiation network device, and the other authentication initiation network devices are roaming zone authentication initiation network devices, and the authentication initiation network device further includes before sending an authentication vector request to the home subscriber server. :

The home zone authentication initiation network device sends an authentication request to the roaming zone authentication initiation network device, requesting the roaming zone authentication initiation network device to authenticate the roaming zone authentication response network device.

The mutual authentication method according to claim 5, wherein, when the user equipment is in the roaming area, after determining whether the authentication is successful according to the content of the authentication response message, the method further includes:

And the roaming area authentication initiation network device transmits the entity identity identifier of the authentication response network device to the home zone authentication initiation network device, and the authentication of the roaming zone authentication initiation network device and the roaming zone authentication response network device result.

The mutual authentication method according to any one of claims 1 to 6, wherein the authentication initiation network device is a serving call session control function entity S-CSCF, and the authentication response network device is a proxy call^ The tongue control function entity P-CSCF.

A mutual authentication system for a network device in a multimedia subsystem, comprising: a home subscriber server, a first network device, and a second network device,

The home subscriber server, where the entity identity identifier of the second network device and the correspondence between the entity identity identifier and the universal resource identifier of the second network device are stored; and the authentication vector is calculated according to the entity identity identifier and Transmitting the authentication vector to the first network device, or sending the entity identity identifier to the first network device, where the first network device calculates an authentication vector according to the entity identity identifier;

The first network device includes: An authentication information obtaining unit, configured to receive and obtain a universal resource identifier of the second network device, and obtain an authentication vector that is calculated according to the entity identity identifier;

And an authentication operation unit, configured to perform an operation on the authentication vector from the first network device, and feed back the result of the operation to the first network device by using an authentication response.

9. The system of claim 8 wherein:

The entity identity includes identity information of the network device, a private key, or/and a name of a network to which the network device belongs.

10. The system according to claim 8, wherein the first network device is a serving call session control function entity S-CSCF, and the second network device is a proxy call session control function entity P-CSCF.