MGCP/H.248 Authentication

MGCP/H.248 Authentication

MGCP/H.248 Authentication

Authentication overview and Basic Algorithms

MGCP/H.248 authentication Overview

The MGCP protocol does not involve Security Authentication standards. It is not a security risk for network application end users or operators.


To solve this problem, the national standards and manufacturers have their own standards. Currently, there are few materials available. In general, the MG interacts with MGC through the extension protocol. The MD5 algorithm is introduced to encrypt the password to prevent plaintext exposure to the network. More complex, we will introduce DH negotiation and sharing keys. The research is summarized as follows:


H.248/MGCP basic principles of authentication algorithm 1:


The basic principles of authentication for H.248 and MGCP are similar. They both use Diffie-Hellman to negotiate a public secret and use it as the basis for mutual trust.


Diffie-Hellman Key Exchange is characterized by discrete logarithm: A large prime number P and a base number G. If a specific value of Y is known, evaluate the exponent X as follows:


Y = GX mod p


MoD indicates "remainder. The modulus index can be easily computed, but it is very difficult to restore the original exponent through a discrete logarithm operation.

H.248/MGCP Basic Principles algorithm 2:

Softswitch MGC sends authentication request authreq, authreq = MD5 (unknown content) to mg)

MG replies MGC authoc, MD5 (unknown content)


Check whether authoc is correct on the softswitch end.

Problem Analysis


1) The Diffie-Hellman algorithm is simple and complicated to implement because of the overflow of large numbers. Therefore, we need to introduce a large number library.


I have referencedOpen SourceAlgorithm Library for transplantation.


Reference resources:

Http://math.libtomcrypt.org


2) if there are many MD5 Algorithm resources, I will not list them. Leave a message if necessary.


3) MGCP protocol stack


There are three signals to be extended:


AUTH/authreq request Signal


AUTH/authoc event


AUTH/DH


There are also three parameters


X-EA


X-RANDOM


X-DH


X-AUTH

The following are the materials I have used to help you.

References: China Telecom MGCP protocol test specification

Rsip 65577 * @ mg. whaterver. netmgcp 1.0 NCS 1.0


RM: restart


X-EA: 1


X-RANDOM: b1bdd81eb1bdd81eb1bdd81eb1bdd81e


X-DH: dc91ee 616ea 7ab4e82dc0e 42325bafda-d146270bd185b7e4bb0d 607fea


B 24de8975e0b1bcdd21e29b321802115b30ca 14effe768593b6fec6fff6fd7d788bf


X-AUTH: 38d972fedc 6594b.

Rqnt 268435562 * @ mg. whaterver. netmgcp 1.0


X: 15


R: AUTH/authoc


S: AUTH/DH (EBC 599282516167de 0bdfdeb421baca2470ff9fc 846bc4e 14E 3ec1


E86b 6defd1e449be9017d 6b5bff76efcdd 758aa 8b29acd 8da-46ed18cfd), auth/authreq


(D567d 15485e5e07020ded6bb, 1, 0b95627084321afca422b 7718fe218)

Solution (Huawei Mode)


Current materials:


Bytes ---------------------------------------------------------------------------------------------------


TX:


Rsip 925595073 aa1/ * @ iad108.01.kdwl. Nanchang. commgcp 1.0


RM: restart


Bytes ---------------------------------------------------------------------------------------------------


RX:


200 925595073 OK


Bytes ---------------------------------------------------------------------------------------------------


RX:


Rqnt 879300970 aa1n/1@iad108.01.kdwl.nanchang.comMGCP 1.0


X: 1600000d


R: AUTH/authoc


S: AUTH/authreq (4cc 8540762e36222b08ca00005)


Bytes ---------------------------------------------------------------------------------------------------


TX:


200 879300970 OK


Bytes ---------------------------------------------------------------------------------------------------


TX:


Ntfy 2 aa1n/1@iad108.01.kdwl.nanchang.comMGCP 1.0


O: AUTH/authoc (2e7e4dfee0b66af 8ffd57ce7eaf63d)


X: 1600000d


Bytes ---------------------------------------------------------------------------------------------------


RX:


200 2 OK

The following is my guess:

Softswitch MGC sends mg authentication request authreq, authreq = MD5 (mgckey + rand ())


MG replies MGC authoc, authoc = MD5 (autheq + mgid + KI)


Check whether authoc is correct on the softswitch end.


Process:

Solution 2 (refer to China Telecom MGCP protocol test specification)


Existing materials:


Registration Request (with authentication field)

MGC responds to the MG registration request (with authentication fields) process explanation:


1) mg sends the rsip command (with wildcards) to MGC and the start method is restart. The command also contains four


The "X-" field for authentication: The number string mgauth, algorithm ID, random number Rand used for Digital Signature


DH exchange.


MG generates a random number rand in advance, and Mg then generates a private number A for DH exchange.


Obtain a = gamod (P ). Obtain the digital signature of MG through calculation:


Mgauth = MD5 (KI + mgid + A + rand );


2) After MGC receives the rsip command, it first calculates mgres = MD5 (KI + mgid + A + rand ).


If mgauth = mgres, the MG authentication is passed; otherwise, the request is rejected. After the authentication is passed, MGC will generate


A private number B for DH exchange, computing


B = gbmod (p) Get the shared authentication key KEY-MGC = abmod (p) = gabmod (p), and then generate


A random number Rand is calculated as follows:


Mgcauth = MD5 (KEY-MGC + Ki + B + rand)


3) MGC issues the rqnt command for detecting the delimiters. At the same time, MGC sends B to mg, and


Mgcauth, algorithm ID, and random number Rand. After mg obtains B and mgcauth, the shared


Authentication Key KEY-MG = bamod (p) = gabmod (p), and then calculated: mgcres = MD5


KEY-MG + Ki + B + Rand)


If mgcauth = mgcres, it indicates that it is a valid message sent by MGC.


4) send a response message to MGC.


MGC initiates Authentication


1. MGC initiates regular authentication to mg;


2. Mg echo.


Process description:


1) MGC periodically sends the rqnt command to mg for authentication. The command contains the random number Rand generated by MGC.


And the results of the shared key KEY-MGC encryption on it, also with the algorithm ID. For example, MD5 encryption,


The encryption result is MD5 (KEY-MG + rand );


2) mg echo;


3) mg uses [observedevents] In ntfy to send an authentication response to MGC with a shared key


KEY-MG encryption two items: mgid and random number rand (for mGC), while the command also contains


Method ID. If MD5 encryption is adopted, the encryption result is MD5 (KEY-MG + mgid + rand );


4) MGC echo.

Message example:


1. MGC initiates authentication to mg


Rqnt 268435462 * @ domainnamemgcp 1.0


X: 14


R: AUTH/authoc


S: AUTH/authreq (c45565b 3bcb419fa194232ef, 1, 010b 29333d47515b 79838d97)


2. Mg return command response


200 268435462 OK


3. Mg sends authentication response to MGC


Ntfy 65578 * @ domainnamemgcp 1.0


X: 14


O: AUTH/authoc (122daa 8b9155bb 0127aec15ba, 1)


4. MGC return command response


200 65578 OK