310 likes | 441 Views
Authentication In Mobile Internet Protocol version 6 Liu Ping. Supervisor: professor Jorma Jormakka. 1. Introduction 2. Mobility support 3. Security mechanisms and threats analysis 4. Address ownership problem 5. Present solution 6. Conclusion.
E N D
Authentication In Mobile Internet Protocol version 6Liu Ping Supervisor: professor Jorma Jormakka
1. Introduction2. Mobility support3. Security mechanisms and threats analysis4. Address ownership problem5. Present solution6. Conclusion
1. Introduction2. Mobility support3. Security mechanisms and threats analysis4. Address ownership problem5. Solution6. Conclusion
Motivation • Mobile device and Ebusiness • Current solutions are fairly completedto be implemented • Related work • Strong authentication: PKI • Weak authentication: CGA, CAM and RR • Our solution Based on asymmetric and symmetric encryption algorithm to distribute an ID and a session key
CGA:Cryptographically Generated Address • CAM:Child-proof Authentication for MIPv6 • RR:Return Routability
1. Introduction2. Mobility support3. Security mechanisms and threats analysis4. Address ownership problem5. Solution6. Conclusion
MN:Mobile Node, it is MIPv6 • CN:Correspondent Node is communicating node with a MN, it is either stationary node or mobile node • HA:Home Agent, a router is on a MN’s home link. It registers all necessary information for a MN, i.g. CoA, HoA • CoA:A MN’s Care-of Address, which is temporary and a foreign link assigns to the MN on the foreign link • HoA:A MN’s permanent IPv6 address on its home link
Bidirectional tunneling MN HA CN
Route Optimization CN MN
Need a binding process: MN sends CoA to its HA and CNs when it’s out of its home link • CN saves the MN’s CoA into its BUC-binding update cache • CN can deliver a packet to the MN directly by setting the packet’s source address to be the MN’s CoA • Route optimization can reduce congestions of the MN’s home link and HA, but introduces new vulnerabilities
BU message’s header CN’s BU entry BU process • HoA: a MN’s HoA cannot be abused • CoA: CN’s BUC must save correct MN’s CoA
1. Introduction2. Mobility support3. Security mechanisms and threats analysis4. Address ownership problem5. Solution6. Conclusion
Security Mechanisms • Authorization and trust • Authentication • Integrity • Confidentiality • Anti-replay
Authorization and trust:A CN verifies whether a MN has right to create or update its BUC • Authentication:MN and CN can verify their identifies • Integrity:BU message cannot be modified by an unauthorized node • Confidentiality:CoA and HoA cannot be disclosed to malicious nodes • Anti-replay:An attacker delivers old, out-of date packet to CN by pretending to be a MN
BUC ::20:10:10:10 BU MN CN False BU ::30:10:10:10 MN attacker Source address: ::30:10:10:10 Destination address: ::CN’s IP address Home address option: MN’s home address ::40:10:10:10
Threats analysis • Man-In-the-Middle attack • Denial of Service attack
Man-In-the-Middle attack A B Attacker
Denial Of Service Attack MN CN Attacker
1. Introduction2. Mobility support3. Security mechanisms and threats analysis4. Address ownership problem5. Solution6. Conclusion
A MN’s HoA works as a searching key during BU process • A MN’s HoA must be secret enough, otherwise, attacker can launch a passive or an active attack easily by sending a false BU message to a CN
1. Introduction2. Mobility support3. Security mechanisms and threats analysis4. Address ownership problem5. Solution6. Conclusion
Solution Overview • Using an ID shared only with a pair MN and CN as a searching key • Apply RSA asymmetric to distribute an ID and a session key • Apply Twofish symmetric algorithm to encrypt/decrypt CoA during BU process
Preparation Procedure MN generates public/private key Public key MN-----------------------------------CN MN<---------------------------------CN [ID, session key] public MN saves the ID and session key
Binding update procedure MN---------------------------------CN [CoA] session & ID CN’s BU entry CN decrypts CoA by session CN verifies CoA and saves
Verifyprocedure • An attacker It is failed because of IPsec protection (without a SA shared with CN before). An attacker cannot do any more harmful thing.
Verifyprocedure • An cheater: has a SA before ID ID or session key is not correct, Session key CNdrops packet. Compares CoA and CoA source address
1. Introduction2. Mobility support3. Security mechanisms and threats analysis4. Address ownership problem5. Present solution6. Conclusion
Summary • Solve address ownership problem • Prevent possible attacks • Implementation simple • Suitable any kinds of computer and memory • It is difficult to recognize a cheater
Future work 1. Combine software and hardware 2. Ciphertext error • Transmission process • Storage medium • Recover plaintext from errors