On the security of the Mobile IP protocol family

The Internet Engineering Task Force (IETF) has worked on network layer mobility for more than 10 years and a number of RFCs are available by now. Although the IETF mobility protocols are not present in the Internet infrastructure as of today, deployment seems to be imminent since a number of organizations, including 3GPP, 3GPP2 and Wimax, have realized the need to incorporate these protocols into their architectures. Deployment scenarios reach from mobility support within the network of a single provider to mobility support between different providers and technologies. Current Wimax specifications, for example, already support Mobile IPv4, Proxy Mobile IPv4 and Mobile IPv6. Future specifications will also support Proxy Mobile IPv6. Upcoming specifications in the 3GPP Evolved Packet Core (EPC) will include the use of Mobile IPv4, Dual Stack MIPv6 and Proxy Mobile IPv6 for interworking between 3GPP and non 3GPP networks. This paper provides an overview on the state-of-the-art in IETF mobility protocols as they are being considered by standardization organizations outside the IETF and focusing on security aspects.

[1]  Alpesh Patel,et al.  Problem Statement for bootstrapping Mobile IPv6 (MIPv6) , 2006, RFC.

[2]  Basavaraj Patil,et al.  Proxy Mobile IPv6 , 2008, RFC.

[3]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[4]  Hannes Tschofenig Mobile IP Interactive Connectivity Establishment (M-ICE) , 2008 .

[5]  Claude Castelluccia,et al.  Hierarchical Mobile IPv6 Mobility Management (HMIPv6) , 2005, RFC.

[6]  James Kempf,et al.  Mobile IPv6 Bootstrapping in Split Scenario , 2007, RFC.

[7]  Alpesh Patel,et al.  Authentication Protocol for Mobile IPv6 , 2006, RFC.

[8]  Rajeev Koodli,et al.  Fast Handovers for Mobile IPv6 , 2001, RFC.

[9]  Francis Dupont,et al.  Mobile IPv6 Operation with IKEv2 and the Revised IPsec Architecture , 2007, RFC.

[10]  Rajeev Koodli,et al.  IP Address Location Privacy and Mobile IPv6: Problem Statement , 2007, RFC.

[11]  Ulrike Meyer,et al.  Diameter Proxy Mobile IPv6: Support For Mobile Access Gateway and Local Mobility Anchor to Diameter Server Interaction , 2008 .

[12]  H. Soliman,et al.  Hierarchical mobile IPv6 mobility management , 2005 .

[13]  Alper Yegin DHCP Option for Home Agent Discovery in MIPv6 , 2006 .

[14]  Charles E. Perkins,et al.  Diameter Mobile IPv6: Support for Network Access Server to Diameter Server Interaction , 2009, RFC.

[15]  Charles E. Perkins,et al.  Mobility support in IPv6 , 1996, MobiCom '96.

[16]  Gerardo Giaretta AAA Goals for Mobile IPv6 , 2006 .

[17]  Glen Zorn,et al.  Diameter Extensible Authentication Protocol (EAP) Application , 2005, RFC.

[18]  Pekka Nikander,et al.  Mobile IP Version 6 Route Optimization Security Design Background , 2005, RFC.

[19]  Hesham Soliman,et al.  Status of this Memo , 1985 .

[20]  Franck Le,et al.  Mobile IPv6 and Firewalls: Problem Statement , 2006, RFC.

[21]  Larry J. Blunk,et al.  PPP Extensible Authentication Protocol (EAP) , 1998, RFC.