Abstract
This paper proposes a mechanism to secure the mobile IPv6 networks by integrating identity based cryptosystem with cryptographically generated address. Based on an in-depth analysis of attacks and countermeasures in the CGA-based protocols, this paper gives an analysis of the so called ”unauthentic key attacks”, and presents a mechanism to solve this problem by integrating an IBC scheme called Combined Public Key (CPK) with CGA. Both the deployment considerations and performance analysis of this IBC-CGA scheme are present in the paper.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Aura, T.: Mobile IPv6 security. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols. LNCS, vol. 2845, pp. 215–228. Springer, Heidelberg (2004)
Aura, T., Roe, M.: Designing the mobile ipv6 security protocol. In: Microsoft Research Technical Report MSR-TP-2006-42 (2006)
Ren, K., Lou, W., Zeng, K., Bao, F., Zhou, J.: Routing optimization security in mobile ipv6. Computer Networks 13, 2401–2419 (2006)
Kent, S., Atkinson, R.: Security architecture for the internet protocol. RFC 2401 (1998), http://www.ietf.org/rfc/rfc2401.txt
Arkko, J., Nikander, P.: Weak authentication: How to authenticate unknown principals without trusted parties. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols. LNCS, vol. 2845, pp. 5–19. Springer, Heidelberg (2004)
Nikander, P.: An address ownership problem in ipv6. Internet Draft, draft-nikander-ipng-addressownership-00.txt, Work in Progress (2001)
Nikander, P.: Denial-of-service, address ownership, and early authentication in the ipv6 world. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols. LNCS, vol. 2845, pp. 12–21. Springer, Heidelberg (2004)
Arkko, J., Vogt, C., Haddad, W.: Applying cryptographically generated addresses and credit-based authorization to mobile ipv6. draft-ietf-mipshop-cga-cba-00, work in progress (2006)
Aura, T.: Cryptographically generated addresses (CGA). RFC 3972 (2003), http://www.ietf.org/rfc/rfc3972.txt
Haddad, W., Krishnan, S., Soliman, H.: Using cryptographically generated addresses (CGA) to secure HMIPv6 protocol (HMIPv6sec). draft-haddad-mipshop-hmipv6-security-06, work in progress (2006)
Haddad, W., Krishnan, S.: Authenticating fmipv6 handovers. draft-haddad-mipshop-fmipv6-auth-02, work in progress (2006)
IETF, MIPSHOP: Mobility for ip: Performance, signaling and handoff optimization, http://www.ietf.org/html.charters/mipshop-charter.html
O’Shea, G., Roe, M.: Child-proof authentication for mipv6 (cam). ACM Computer and Communication Review 2 (2001)
Nikander, P.: A scalable architecture for ipv6 address ownership. Internet Draft, Work in Progress (2001)
Aura, T.: Cryptographically generated addresses, pp. 29–43 (2004)
Shamir, A.: Identity-based encryption from the weil pairing. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Tang, W., Nan, X., Chen, Z.: Combined public key cryptosystem. In: Proceedings of International Conference on Software,Telecommunications and Computer Networks (SoftCOM’04). IEEE ComSoc., Los Alamitos (2004)
Research, C.: Standards for efficient cryptography, sec 1: Elliptic curve cryptography(2000), http://www.secg.org/download/aid-385/sec1_final.pdf
Jonsson, J., Kaliski, B.: Public-key cryptography standards (PKCS) #1: RSA cryptography specifications version 2.1. RFC 3447 (2003), http://www.ietf.org/rfc/rfc3447.txt
Aura, T.: Secure neighbor discovery protocol (SEND). RFC 3971 (2003), http://www.ietf.org/rfc/rfc3971.txt
Schneier, B.: Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd edn. John Wiley and Sons Inc, Chichester (1996)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cao, Z., Deng, H., Ma, Y., Hu, P. (2007). Integrating Identity Based Cryptography with Cryptographically Generated Addresses in Mobile IPv6. In: Gervasi, O., Gavrilova, M.L. (eds) Computational Science and Its Applications – ICCSA 2007. ICCSA 2007. Lecture Notes in Computer Science, vol 4706. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74477-1_48
Download citation
DOI: https://doi.org/10.1007/978-3-540-74477-1_48
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74475-7
Online ISBN: 978-3-540-74477-1
eBook Packages: Computer ScienceComputer Science (R0)