Hypertext Transfer Protocol (HTTP) Digest Authentication Using Authentication and Key Agreement (AKA) (RFC3310)

IP.com Disclosure Number: IPCOM000009813D
Original Publication Date: 2002-Sep-01
Included in the Prior Art Database: 2002-Sep-20
Document File: 19 page(s) / 37K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

A. Niemi: AUTHOR [+3]

Abstract

This memo specifies an Authentication and Key Agreement (AKA) based one-time password generation mechanism for Hypertext Transfer Protocol (HTTP) Digest access authentication. The HTTP Authentication Framework includes two authentication schemes: Basic and Digest. Both schemes employ a shared secret based mechanism for access authentication. The AKA mechanism performs user authentication and session key distribution in Universal Mobile Telecommunications System (UMTS) networks. AKA is a challenge-response based mechanism that uses symmetric cryptography.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 7% of the total text.

Network Working Group                                           A. Niemi
Request for Comments: 3310                                         Nokia
Category: Informational                                         J. Arkko
                                                             V. Torvinen
                                                                Ericsson
                                                          September 2002

        Hypertext Transfer Protocol (HTTP) Digest Authentication
              Using Authentication and Key Agreement (AKA)

Status of this Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2002). All Rights Reserved.

Niemi, et. al.               Informational                      [Page 1]

RFC 3310         HTTP Digest Authentication Using AKA     September 2002

Table of Contents

   1.  Introduction and Motivation  . . . . . . . . . . . . . . . . .  2
   1.1 Terminology  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   1.2 Conventions  . . . . . . . . . . . . . . . . . . . . . . . . .  4
   2.  AKA Mechanism Overview . . . . . . . . . . . . . . . . . . . .  4
   3.  Specification of Digest AKA  . . . . . . . . . . . . . . . . .  5
   3.1 Algorithm Directive  . . . . . . . . . . . . . . . . . . . . .  5
   3.2 Creating a Challenge . . . . . . . . . . . . . . . . . . . . .  6
   3.3 Client Authentication  . . . . . . . . . . . . . . . . . . . .  7
   3.4 Synchronization Failure  . . . . . . . . . . . . . . . . . . .  7
   3.5 Server Authentication  . . . . . . . . . . . . . . . . . . . .  8
   4.  Example Digest AKA Operation . . . . . . . . . . . . . . . . .  8
   5.  Security Considerations  . . . . . . . . . . . . . . . . . . . 12
   5.1 Authentication of Clients using Digest AKA . . . . . . . . . . 13
   5.2 Limited Use of Nonce Values  . . . . . . . . . . . . . . . ....