Browse > Article
http://dx.doi.org/10.13089/JKIISC.2005.15.5.115

MIPv6 Binding Update Protocol Secure Against both Redirect and DoS Attacks  

Kang Hyun-Sun (Dankook University)
Park Chang-Seop (Dankook University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.15, no.5, 2005 , pp. 115-124 More about this Journal
Abstract
We propose a new binding update(BU) protocol between mobile node(CN) and correspondent node(CN) for the purpose of preventing redirect attacks and DoS attacks observed from the existing BU protocols and enhancing the efficiency of the BU protocol. Home agent plays a role of both authentication server validating BU message and session key distribution center for MN and CN. Also propose the stateless Diffie-Hellman key agreement based on cryptographically generated address (CGA). Suity of our proposed Protocol is analyzed and compared with other protocols. The proposed protocol is more efficient than previous schemes in terms of the number of message flows and computation overhead and is secure against both redirect and DoS attacks.
Keywords
MIPv6; Binding update protocol; CGA; Diffie-Hellman key agreement;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Montenegro, G., Castelluccia, C., 'Statistically Unique and Cryptographically Verifiable Identifiers and Addresses,'In Proc. ISOC Symposium on Network and Distributed System Security (NDSS 2002), San Diego, Feb. 2002
2 Nikander, P., Arkko, J. and Aura, T., Montenegro, G., Nordmark, E., 'Mobile IP version 6 Route Optimization Security Design Background,' draft-ietfmip6-ro-sec-02, Oct. 2004
3 Johnson, D., Perkins, C. and Arkko, J., 'Mobility Support in IPv6,' RFC 3775, June 2004
4 Deng, R., Zhou, J., and Bao, F., 'Defending against Redirect Attacks in Mobile IP,' In Proc. The 9thACM conference on Computer and communications security, Washington D.C., Nov 18-22, 2002
5 Aura, T., 'Mobile IP Security,' Security Protocols: The 10th Int'l Workshop, Cambridge, U.K., Apr. 17-19, 2002, LNCS 2845, Springer Verlag, 2003
6 You, I. and Cho, K., 'A Security Proxy Based Protocol for Authentic- ating the Mobile IPv6 Binding Upda- tes,' Computational Science and Its Applications ICCSA 2004:Internati- onal Conference, Assisi, Italy, May 14-17, 2004, LNCS 3043, Springer Verlag, 2004
7 Aura, T., 'Cryptographically Generat- ed Addresses,'RFC 3972, March 2005
8 O'Shea, G. and Roe, M., 'Child-proof Authentication for MIPv6 (CAM),' ACM Computer Communications Review, 31 (2), July 2001
9 Aura, T., Nikander, P., and Leiwo, J., 'DoS-resistant Authentication with Clients Puzzles,' Security Protocols: The 8th Int'l Workshop, Cambridge, U.K., Apr. 25-27 2000, LNCS 2133, Springer Verlag, 2001
10 Arkko, J., Devarapalli, V. and F. Dupont, 'Using IPsec to Protect Mobile IPv6 Signaling between Mobile Nodes and Home Agents,' RFC 3776, June 2004
11 Aura, T., Roe, M. and Arkko, J., 'Security of Internet Location Man- agement,' In Proc. The 18th Annual Computer Security Applications Conference, Las Vegas, Dec. 2002
12 Soliman, S., 'Mobile IPv6 : Mobility in a Wireless Internet,' Addison-Wesley, 2004