Publication Type

Conference Proceeding Article

Publication Date

11-2002

Abstract

The route optimization operation in Mobile IP Version 6 (MIPv6) allows direct routing from any correspondent node to any mobile node and thus eliminates the problem of "triangle routing" present in the base Mobile IP Version 4 (MIPv4) protocol. Route optimization, however, requires that a mobile node constantly inform its correspondent nodes about its new care-of addresses by sending them binding update messages. Unauthenticated or malicious binding updates open the door for intruders to perform redirect attacks, i.e., malicious acts which redirect traffic from correspondent nodes to locations chosen by intruders. How to protect binding update messages to defend against redirect attacks is a challenging problem given the open environment in which MIPv6 operates. In this paper, we first look at two solutions proposed by the IETF Mobile IP Working Group and point out their weaknesses. We then present a new protocol for securing binding update messages. We also show that our protocol achieves strong security and at the same time is highly scalable to wide spread deployment.

Keywords

mobile IP security, authenticated key-exchange, mobile IP, secure binding update, redirect attack

Discipline

Information Security

Research Areas

Cybersecurity

Publication

CCS '02: Proceedings of the 9th ACM Conference on Computer and Communications Security, November 18-22, Washington, DC

First Page

59

Last Page

67

ISBN

9781581136128

Identifier

10.1145/586110.586120

Publisher

ACM

City or Country

New York

Creative Commons License

Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Additional URL

http://dx.doi.org/10.1145/586110.586120

Share

COinS