Authenticated Address Notification for Mobile Communication

Abstract : The authors present an improved protocol for authenticating Mobile IPv6 connections that addresses requirements established in the relevant Internet Draft. The protocol imposes minimal computational requirements on mobile nodes, uses as few messages as possible, and may be adapted to resist denial of service attacks. The protocol has two parts: an initialization phase and an update phase. The initialization phase takes advantage of available authentication infrastructure to set up a shared secret between a mobile node and a correspondent node. Each execution of the update phase uses the shared secret established in the previous phase to maintain security of the mobile connection. The authors have formally verified the correctness of the protocol using the finite-state analysis tool Murphi, which has been used previously to analyze hardware designs and security properties of several protocols. Following an introduction, the paper is structured as follows: Section 2 describes the requirements for security in Mobile IPv6, Section 3 briefly discusses the previous proposals for authenticating binding updates, Section 4 presents the authors' basic protocol, Section 5 presents modeling assumptions and analysis results, and Section 6 discusses extensions to prevent denial-of-service attacks. (32 refs.)