The IP Multimedia Subsystem is the standardized next generation networking architecture for telecom operators that want to provide fixed and mobile multimedia services. The aim of IMS is not only to provide new services but all the services, current and future, that the Internet provides. IMS supports many types of communications, including instant messaging, push to talk, video conferencing, It also provides roaming capabilities and authentication.

Since IMS provides a very wide connectivity across different networks, authentication of the users is an important security issue. IMS uses the IETF's (Internet engineering task force) HTTP digest authentication protocol for network access.The HTTP Authentication Framework includes two authentication schemes: Basic and Digest.

In HTTP basic authentication, a client has to send a password to the server for getting authenticated, so there is a chance that some one may intercept the network and get to know that password. The Basic scheme is inherently insecure in that it transmits user credentials in plain text.

HTTP digest authentication lets a client prove to the server that it knows a password, without having to send the password in clear. The client performs a computation based on the password and a random value supplied by the server. The result is transmitted to the server which performs the same computation and if finds identical answer, authenticates the client.



Download detailed report from the attachment below on HTTP Digest Authentication Using Aka