Abstract
We propose a new binding update (BU) protocol between mobile node (MN) and correspondent node (CN) for the purpose of preventing redirect attacks and DoS attacks observed from the existing BU protocols and enhancing the efficiency of the BU protocol. Home agent plays a role of both authentication server validating BU message and session key distribution center for MN and CN. Also proposed is stateless Diffie-Hellman key agreement based on cryptographically generated address (CGA). Security of our proposed protocol is analyzed and compared with other protocols.
This work was supported (in part) by the Ministry of Information & Communications, Korea, under the Information Technology Research Center (ITRC) Support Program.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Johnson, D., Perkins, C., Arkko, J.: Mobility Support in IPv6, RFC 3775 (June 2004)
Aura, T., Roe, M., Arkko, J.: Security of Internet Location Management. In: Proc. The 18th Annual Computer Security Applications Conference, Las Vegas (December 2002)
Aura, T.: Mobile IP Security. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2002. LNCS, vol. 2845, pp. 215–234. Springer, Heidelberg (2004)
Nikander, P., Arkko, J., Aura, T., Montenegro, G., Nordmark, E.: Mobile, I.P. version 6 Route Optimization Security Design Background, draft-ietf-mip6-ro-sec-02 (October 2004)
O’Shea, G., Roe, M.: Child-proof Authentication for MIPv6 (CAM). ACM Computer Communications Review 31(2) (July 2001)
Montenegro, G., Castelluccia, C.: Statistically Unique and Cryptographically Verifiable Identifiers and Addresses. In: Proc. ISOC Symposium on Network and Distributed System Security (NDSS 2002), San Diego (February 2002)
Aura, T.: Cryptographically Generated Addresses, RFC 3972 (March 2005)
Deng, R., Zhou, J., Bao, F.: Defending against Redirect Attacks in Mobile IP. In: Proc. The 9th ACM conference on Computer and communications security, Washington D.C, November 18-22 (2002)
You, I.-S., Cho, K.: A security proxy based protocol for authenticating the mobile iPv6 binding updates. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, pp. 167–174. Springer, Heidelberg (2004)
Soliman, S.: Mobile IPv6: Mobility in a Wireless Internet. Addison-Wesley, Reading (2004)
Arkko, J., Devarapalli, V.: F. Dupont, Using IPsec to Protect Mobile IPv6 Signaling between Mobile Nodes and Home Agents, RFC 3776 (June 2004)
Aura, T., Nikander, P., Leiwo, J.: DOS-resistant authentication with client puzzles. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, p. 170. Springer, Heidelberg (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kang, HS., Park, CS. (2005). MIPv6 Binding Update Protocol Secure Against Both Redirect and DoS Attacks. In: Feng, D., Lin, D., Yung, M. (eds) Information Security and Cryptology. CISC 2005. Lecture Notes in Computer Science, vol 3822. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11599548_35
Download citation
DOI: https://doi.org/10.1007/11599548_35
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30855-3
Online ISBN: 978-3-540-32424-9
eBook Packages: Computer ScienceComputer Science (R0)