A new router certification authority protocol for securing mobile internet protocol version 6
Loading...
Date
2007
Authors
Ali Alsalihy, Wafaa Abdul Hadi
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Mobile Internet Protocol version 6 (Mobile IPv6) has been proposed as a
standard protocol to provide mobility in Next Generation Networks. Mobile IPv6
protocol as a new protocol has a few issues that need to be addressed such as
extending the protocol to provide smooth and fast hand off mechanisms, network
mobility, quality of service and the bandwidth management of real time mobility
applications. However, the biggest issue is the security vulnerability of Mobile IPv6
because without proper security the protocol will be useless.
Mobile IPv6 has three main components: the Mobile node, the Correspondent
node and the Home Agent. For the protocol to be secure, the Mobile node and its
Home Agent should trust each other. The Correspondent node should trust the Mobile
node because the Mobile node is the one giving and updating the information to the
Correspondent node. The signals between all of these components should be secured
and authenticated.
Mobile IPv6 is currently defined with a security solution called Return Routability
that provides the Mobile node with an authentication mechanism and protects the
signals between the Mobile node and the Correspondent node. Mobile IPv6 mandates
the Internet Protocol Security (IPSec) support between the Mobile node and its Home
Agent to let them trust each other and to protect the signals between them. While
IPSec may offer strong protection (depending on the algorithm used), the use of IPSec
within Return Routability does not necessarily cover all areas of security. This solution
is especially vulnerable to the Man-in the-Middle attack.
The main objective of this thesis is to design a new security protocol to provide
higher levels of authentication and security for Mobile IPv6. This security protocol has
to provide a level of security and authentication which is higher than the current
mechanism which is Return Routability. Additionally, the new proposed security
protocol will provide a consistent framework replacing the comprehensive IPSec
implementation within Mobile IPv6. This proposed new security protocol called
Certification Authority Router’s Certificate (CARC) will also ensure protection against
the Man-in the-Middle attack.
The new proposed protocol was successfully verified using two versions of the
Murphy verifier, Murphy 3.1 and Triple Murphy. In both verifications, the new protocol
proved to be more secure than the Return Routability protocol.
Description
PhD
Keywords
Computer Science , Authority protocol , Mobile internet protocol