Diffie-Hellman key based authentication in proxy mobile IPv6

Wireless communication service providers have been showing strong interest in Proxy Mobile IPv6 for providing network-based IP mobility management. This could be a prominent way to support IP mobility to mobile nodes, because Proxy Mobile IPv6 requires minimal functionalities on the mobile node. While several extensions for Proxy Mobile IPv6 are being developed in the Internet Engineering Task Force, there has been little attentions paid to developing efficient authentication mechanisms. An authentication scheme for a mobility protocol must protect signaling messages against various security threats, e.g., session stealing attack, intercept attack by redirection, replay attack, and key exposure, while minimizing authentication latency. In this paper, we propose a Diffie-Hellman key based authentication scheme that utilizes the low layer signaling to exchange Diffie-Hellman variables and allows mobility service provisioning entities to exchange mobile node’s profile and ongoing sessions securely. By utilizing the low layer signaling and context transfer between relevant nodes, the proposed authentication scheme minimizes authentication latency when the mobile node moves across different networks. In addition, thanks to the use of the Diffie-Hellman key agreement, pre-established security associations between mobility service provisioning entities are not required in the proposed authentication scheme so that network scalability in an operationally efficient manner is ensured. To ascertain its feasibility, security analysis and performance analysis are presented.

[1]  Hongke Zhang,et al.  SHIP: Cross-layer mobility management scheme based on Session Initiation Protocol and Host Identity Protocol , 2009, Telecommun. Syst..

[2]  Stuart Jacobs Mobile IP Public Key Based Authentication , 2001 .

[3]  Tai-Myung Chung,et al.  A comparative performance analysis on Hierarchical Mobile IPv6 and Proxy Mobile IPv6 , 2009, Telecommun. Syst..

[4]  Mike E. Woodward,et al.  Performance evaluation with different mobility models for dynamic probabilistic flooding in MANETs , 2009 .

[5]  Myung-Ki Shin,et al.  Handover Latency Analysis of a Network-Based Localized Mobility Management Protocol , 2008, 2008 IEEE International Conference on Communications.

[6]  Rajeev Koodli Mobile IPv6 Fast Handovers , 2009, RFC.

[7]  Basavaraj Patil,et al.  Proxy Mobile IPv6 , 2008, RFC.

[8]  Tai-Myoung Chung,et al.  A competent global mobility support scheme in NETLMM , 2009 .

[9]  Mimoza Durresi,et al.  Secure authentication in heterogeneous wireless networks , 2008, Mob. Inf. Syst..

[10]  Nada Golmie,et al.  Performance Metrics for IEEE 802.21 Media Independent Handover (MIH) Signaling , 2010, Wirel. Pers. Commun..

[11]  Ian F. Akyildiz,et al.  An inter-system handoff technique for the IMT-2000 system , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[12]  Tai-Myung Chung,et al.  Secure handover for Proxy Mobile IPv6 in next-generation communications: scenarios and performance , 2011, Wirel. Commun. Mob. Comput..

[13]  Samuel Pierre,et al.  An Analytical Framework for Performance Evaluation of IPv6-Based mobility Management Protocols , 2008, IEEE Transactions on Wireless Communications.

[14]  Ulrike Meyer,et al.  Internet Engineering Task Force (ietf) Diameter Proxy Mobile Ipv6: Mobile Access Gateway and Local Mobility Anchor Interaction with Diameter Server , 2022 .

[15]  Charles E. Perkins,et al.  Mobility support in IPv6 , 1996, MobiCom '96.

[16]  James Kempf,et al.  Mobile IPv6 Bootstrapping in Split Scenario , 2007, RFC.

[17]  Telemaco Melia,et al.  An overview of IEEE 802.21: media-independent handover services , 2008, IEEE Wireless Communications.

[18]  Frank Xia,et al.  RADIUS Support for Proxy Mobile IPv6 , 2012, RFC.

[19]  Frank Xia,et al.  Fast Handovers for Proxy Mobile IPv6 , 2010, RFC.