Skip to main content
SpringerLink
Log in

A public‐key based secure Mobile IP

  • Published:
Wireless Networks Aims and scope Submit manuscript

Abstract

The need of scaleable key management support for Mobile IP, especially the route‐optimized Mobile IP, is well known. In this paper, we present the design and the implementation of a public key management system that can be used with IETF basic and route optimized Mobile IP. The system, known as the Mobile IP Security (MoIPS) system, was built upon a DNS based X.509 Public Key Infrastructure and the innovation in cross certification and zero‐message key generation. The system can supply cryptographic keys for authenticating Mobile IPv.4 location management messages and establishing IPSec tunnels for Mobile IP redirected packets. It can also be used to augment firewall traversal of Mobile IP datagrams. A FreeBSD UNIX implementation of the MoIPS prototype is available for non‐commercial uses.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. R. Atkinson, Security architecture for the Internet protocol, RFC1825, IETF Network Working Group (August 1995).

  2. A. Aziz, Simple Key-management for Internet Protocol (SKIP), <draft-ietf-ipsec-skip-06>, IETF IP Security Working Group (November 1995).

  3. A. Aziz, T. Markson and H. Prafullchandra, Certificate discovery protocol, <draft-ietf-ipsec-skip-06>, IETF IPSec Working Group (November 1995).

  4. S.M. Bellovin, Security problems in TCP/IP protocol suite, ACM Computer Communications Review 19(2) (March 1989).

  5. T. Dierks and C. Allen, The TLS protocol version 1.0, RFC2246, IETF Network Working Group (January 1999).

  6. D.E. Eastlake III and O. Gudmundsson, Storing certificates in the domain name system, <draft-ietf-dnssec-certs-01>, IETF DNS Security Working Group (November 1997).

  7. D.E. Eastlake III and C.W. Kaufman, Domain name system security extensions, <draft-ietf-dnssec-secext-06>, IETF DNS Security Working Group (October 1995).

  8. S. Garfinkel, PGP: Pretty Good Privacy(O'Reilly and Associates, 1995).

  9. D. Harkins and D. Carrel, The Internet Key Exchange (IKE), RFC2409, IETF Network Working Group (November 1998).

  10. P. Helinek, N. Yuan, M. Condell and J. Zao, Security architecture for global host mobility, Quarterly Technical Report #6, BBN (February 1997).

  11. R. Housley, W. Ford, W. Polk and D. Solo, Internet public key infrastructure, Part I: X.509 certificate and CRL profile, <draftietf-pkix-ipki-part1–06>, IETF PKIX Working Group (October 1997).

  12. R. Housley, W. Ford and D. Solo, Internet public key infrastructure, Part I: X.509 certificate and CRL profile, <draft-ietfpkix-ipki-part1–02>, IETF PKIX Working Group (June 1996).

  13. D.B. Johnson, The CMU monarch project, http://www. monarch.cs.cmu.edu/

  14. D.B. Johnson and C. Perkins, Route optimization in MI, <draftietf-mobileip-optim-03>, IETF Mobile IP Working Group (November 1995).

  15. P. Karn and W.A. Simpson, Photuris session key management protocol, <draft-ietf-ipsec-photuris-08>, IETF IP Security Working Group (November 1995).

  16. H. Krawczyk, M. Bellare and R. Canetti, HMAC-MD5: Keyed-MD5 for message authentication, <draft-ietf-ipsec-hmacmd5–03>, IETF IP Security Working Group (March 1996).

  17. H. Krawczyk, M. Bellare and R. Canetti, HMAC-SHA-1: Keyed-SHA-1 for message authentication, <draft-ietf-ipsechmac-sha1–03>, IETF IP Security Working Group (March 1996).

  18. D. Maughan, M. Schertler, M. Schneider and J. Turner, Internet Security Association & Key Management Protocol (ISAKMP), <draft-ietf-ipsec-isakmp-07>, IPSec Working Group (February 1997).

  19. J. McHugh and J. Binkley, The Portland State University Secure Mobile Networking Project, http://www.cs.pdx.edu/ research/smn.

  20. P.V. Mockapetris, Domain Names: Concepts and facilities, RFC1034 (November 1987).

  21. G. Montenegro, Reverse tunneling for Mobile IP, <draft-ietfmobileip-tunnel-reverse-02>, IETF Mobile IP Working Group (March 1997).

  22. G. Montenegro and V. Gupta, Firewall support for Mobile IP, <draft-montenegro-firewall-sup-03>, IETF Mobile IP Working Group (January 1998).

  23. C. Perkins, ed., IP mobility support, RFC2002, proposed standard, IETF Mobile IP Working Group (October 1996).

  24. C. Perkins, IP Encapsulation within IP, RFC2003, proposed standard, IETF Mobile IP Working Group (October 1996).

  25. C. Perkins, Minimum encapsulation within IP, RFC2004, proposed standard, IETF Mobile IP Working Group (October 1996).

  26. D. Piper, The Internet IP security domain interpretation for ISAKMP, <draft-ietf-ipsec-ipsec-doi-06>, IPSec Working Group (November 1997).

  27. Public Key Cryptographic Standard No. 11-Cryptoki. V.1.0, RSA Laboratories (April 1995).

  28. J.K. Zao and M. Condell, Use of IPSec in Mobile IP, <draftietf-mobileip-use-01>, IETF Mobile IP Working Group (November 1997).

  29. J. Zao, J. Gahm and M. Condell, Security architecture for global host mobility, Quarterly Technical Report #5, BBN (October 1996).

  30. J. Zao and S. Kent, New key generation algorithm for Mobile IP control message authentication, MoIPS Quarterly Technical Report #3, Sect. 4, BBN Corp. (April 1996).

  31. N. Ziring and D.E. Peele, Programming with Cryptoki, an objectoriented approach, NSA Technical Report (January 1996).

Download references

Author information

Authors and Affiliations

  1. Advanced Networking Department, GTE Internetworking/BBN Technologies Inc., Cambridge, MA, USA

    Joshua Gahm, Gregory Troxel, Matthew Condell, Pam Helinek & Isidro Castineyra

  2. Ernst & Young LLP, Boston, MA, USA

    Nina Yuan

Authors
  1. John Zao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stephen Kent
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Joshua Gahm
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Gregory Troxel
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Matthew Condell
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Pam Helinek
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Nina Yuan
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Isidro Castineyra
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

About this article

Cite this article

Zao, J., Kent, S., Gahm, J. et al. A public‐key based secure Mobile IP. Wireless Networks 5, 373–390 (1999). https://doi.org/10.1023/A:1019179817993

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1023/A:1019179817993

Keywords

Search

Navigation