1 / 19

Secure Mobile IPv6 Binding Updates with Identity-based Signature

Secure Mobile IPv6 Binding Updates with Identity-based Signature. Mr. Warodom Werapun warodom@graduate.kmitl.ac.th. Objective. Apply Identity-based signature framework to secure Binding Updates. To get bandwidth efficiency with security. Outline. Introduction Mobile IP scenario

eve-whitney
Download Presentation

Secure Mobile IPv6 Binding Updates with Identity-based Signature

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Mobile IPv6 Binding Updates with Identity-based Signature Mr. Warodom Werapun warodom@graduate.kmitl.ac.th

  2. Objective • Apply Identity-based signature framework to secure Binding Updates. • To get bandwidth efficiency with security.

  3. Outline • Introduction • Mobile IP scenario • Home Agent registration • Triangle routing • Routing Optimization • Security Review • Identity-based signature framework • Conclusionand future work

  4. Mobile IP scenario CoA CoA Home Address

  5. Home Agent Registration

  6. Triangle Routing

  7. Routing Optimization

  8. Security Review • Symmetric cryptography • Easy to use and implement • How to exchange the secret key • n^2 – n keys problem • Asymmetric cryptography • Use 2 keys: a private key and public key • Use certificated to verify public key

  9. Identity-based signature PublicKey • In 1984, Shamir asked for a public key encryption schemes • Until 2001, D. Boneh and M. Franklin implement An Identity-based cryptosystem • To verify each other’s signatures without exchanging public or private keys 3ffe:b80:1e99:2::2 Or wwarodom@hotmail.com

  10. Assumption for our framework • Suitable for use in organization only, for example, used in mobile conference. • Require a pre-existing security association between MN and its HA. • All nodes must implement an identity based cryptosystem and had system parameters for sign and verify signature. • The HA acts as an Identity based Private Key Generator.

  11. Pre-exist security association • ID_SETUP: takes a parameter k (random) as input and generates params (system parameters) and master-key (know only PKG) • System parameters: elliptic curve equation, Point on elliptic curve, multiplicative of master-key with Point on elliptic curve, Hash function • ID_EXTRACT: input params, master-key and public_key (IPv6 address) and return private key to users

  12. Pre-exist security association • Issue by PKG (ID_EXTRACT) • included system parameters

  13. Secure Binding Updates • Mobile node signed binding updates and sent to correspondent node

  14. Secure Binding Updates • Binding Updates: contain home address, care of address etc. following IPv6 header extension. • Signature: Hash the BU and sign with private key and params.

  15. BU - Sign • The mobile node sent the BU to the CN by using ID_SIGN function. Sig = ID_SIGN(params, PrivKey, BU ); R = kP, S = k-1(H2 (M) P + Did) (1) Where: Did = sH1(IPv6-Address) (2) Qid = H1(IPv6-Address)(3) params

  16. BU - Verify • The CN verify the BU from the mobile node by using ID_VERIFY function Valid = ID_VERIFY(Sig, ID, params, BU ); ê (R, S) = ê (kP, k -1 (H2(M)P + Did)) (4) = ê (P, H2(M)P + sQid ) = ê (P,P)H2(M) · ê (P, sQid) = ê (P,P)H2(M) · ê (Ppub,Qid)(5) Qid = H1(ID) params

  17. Expected result • Get rid of the number of certificates because any nodes do not need to verify public key. • Identity-based cryptography implement based on elliptic curved cryptography to produce public-key cryptosystems and protocols that are more bandwidth efficient. • An elliptic curve whose order is a 160-bit prime offers approximately the same level of security as DSA with 1024-bit modulus p and RSA with 1024-bit modulus n.

  18. Conclusion and future work • Proposed Identity-based signature framework to secure the Binding Updates. • A key challenge is CN does not need to verify the mobile node public key. • We aim to use network simulator tools to evaluate network performance with strong security.

  19. THE END Question?

More Related