Hypertext Transfer Protocol (HTTP) Digest Authentication using Global System for Mobile Communications (GSM) A3 and A8
Mavenir Systems
This memo specifies a one-time password generation mechanism for Hypertext Transfer Protocol (HTTP) Digest access authentication based on Global System for Mobile Communications (GSM) authentication and key generation functions A3 and A8. The HTTP Authentication Framework includes two authentication schemes: Basic and Digest. Both schemes employ a shared secret based mechanism for access authentication. The A3-A8 mechanism performs user authentication and session key distribution in GSM and Universal Mobile Telecommunications System (UMTS) networks. A3-A8 is a challenge-response based mechanism that uses symmetric cryptography.