Mobile IPv6 (MIPv6) allows a mobile node to talk directly to its peers while retaining the ability to move around and change the currently used IP address. This mode of operation is called route optimization (RO), as it allows the packets to traverse a shorter route than the default one through the home agent. In route optimization, the peer node learns a binding between the mobile node's permanent home address and its current temporary care-of-address. Once such a binding is in place, the peer node will send all packets whose destination is the home address to the care-of-address. This is potentially dangerous, since a malicious host might be able to establish false bindings, thereby preventing some packets from reaching their intended destination, diverting some traffic to the attacker, or flooding third parties with unwanted traffic. In this paper we discuss the design rationale behind the MIPv6 route optimization security design.
[1]
Jari Arkko,et al.
MIPv6 BU Attacks and Defenses
,
2002
.
[2]
Randy Bush,et al.
Some Internet Architectural Guidelines and Philosophy
,
2002,
RFC.
[3]
Charles E. Perkins,et al.
Mobility support in IPv6
,
1996,
MobiCom '96.
[4]
Pekka Nikander,et al.
Mobile IP Version 6 Route Optimization Security Design Background
,
2005,
RFC.
[5]
Erik Nordmark,et al.
Securing MIPv6 BUs using return routability (BU3WAY)
,
2001
.
[6]
Michael Roe,et al.
Authentication of Mobile IPv6 Binding Updates and Acknowledgments
,
2002
.