
Securing Binding Updates between Mobile Node and Correspondent Node in Mobile IPv6 Environment 20 th APAN Network Research Workshop Rahmat Budiarto NAv6,

Mar 27, 2015

Page 1:

Securing Binding Updates between Mobile Node and Correspondent Node in Mobile IPv6 Environment

20th APAN Network Research Workshop

Rahmat Budiarto
NAv6, USM

Page 2:

Introduction

What is IPv6?
• IPv6 is the next generation IP Address.
• IPv6 = 2001:0468:0C80:1341:0280:1CFF:FE15:5820
• Huge number of addresses: 2^128 = 340 undecillion addresses
• Built-in mobility support (main feature)

Why do we need IPv6?
• Limited addressing space in IPv4
• Growing Internet community: more laptops, broadband service, hotspots…
• Growing mobile technology: 3G network, Nokia and mobile phone service providers

What is Mobile IPv6?

Page 3:

Mobile IPv6

Terms Used
• Mobile Node (Mn) - a node which travels from one network to another
• Home Agent (HA) - router in the home network
• Correspondent Node (Cn) - node with which the Mn is communicating
• Home-of Address (HoA) - Mn's IP address in the home network
• Care-of Address (CoA) - Mn's IP address in the foreign network
• Binding Update - What is Binding Update?

Page 4:

Binding Update

• Between Mobile Node and Home Agent (Current Protocol - IPSec)

• Between Mobile Node and Correspondent Node (Current Protocol - Return Routability)

Binding update is the act of the Mn updating its new Care-of Address (to HA & Cn).

Page 5:

Scope and Background of the Paper

This paper is about Mobile IPv6 and Binding Update (only Mn and Cn).

Related Papers
• What have others done about Binding Update?
• Is it a current issue?
• Is it an interesting topic?

Page 6:

Literature Review / Related Work

1. Securing Return Routability Protocol against Active Attack
• Uses modified RR and digital signature
• Also uses public key cryptography for strong security
• Conclusion: public key is very huge, not practical to implement

2. Mobile IPv6 Route Optimization Security Design
• Has made a small enhancement to RR
• Introduces a time stamp for Kbm (eliminates time shifting attack)
• Conclusion: introduces Route Optimization (Kbm expiration)

Page 7:

Literature Review / Related Work (continued)

3. Early Binding Updates for Mobile IPv6
• Introduces two Early Binding messages
• Reduces the overall network latency
• Conclusion: provides a good performance result

4. Using IPSec between Mobile and Correspondent IPv6 Nodes
• New approach introduced
• Mostly based on assumption and needs more Security Association
• Assumption made as manual selection and peer-to-peer based
• Conclusion: ambitious, needs more enabled features (future)

5. Dynamic Diffie-Hellman Based Key Distribution for Mobile IPv6
• Uses Diffie-Hellman key exchange method
• Four-message exchange, possible man-in-the-middle attack
• Conclusion: lacks authentication, might need PKI or AAA implementation

Page 8:

Methodology

Secret Key Binding Technique
New approach to secure Binding Update between Mn and Cn, to replace Return Routability

1. Pre-Binding Secret Key Exchange Method

• Key Exchange Process in Home Network

• Diffie-Hellman Key Exchange

• Two Message Exchange

2. Secret Key Encryption Method

• Process takes place in Foreign Network

• 2 Binding test message exchange

• 2 Binding update message exchange

Page 9:

Pre-Binding Secret Key Exchange Method

[Flow diagram. Nodes: Start; Mobility Enabled? (Yes/No); Diffie-Hellman Key Exchange; DH Exchange Successful? (Yes/No); Pre-Binding Key Exchange Complete; Return; End]

Page 10:

Secret Key Encryption Method

[Flow diagram. Nodes: Start; process starts when Mn obtains new CoA and sends Binding Test message; Binding Test message received? (Yes/No); Binding Test Reply sent to Mn through HA; Mn sends Binding Update to Cn; Cn sends Binding Acknowledgement to Mn; Binding completed successfully? (Yes/No); Secret Key Encryption Completed; Return]

Page 11:

Secret Key Binding Technique Scenario

[Network diagram. Labels: Internet ISP; Home Agent; Mobile Node FF:01::01; Home-Of Address; FF:84::05; Care-Of Address; Correspondent Node; FF:08::04; Home Network; Foreign Network 1; Foreign Network 2. Phases, shown as per flow diagram: Pre-Binding Key Exchange; Secret Key Encryption; Secret Key Binding Technique Completed]

Page 12:

Implementation / Result

Simulation presented using Network Simulator 2 (NS2)
• C++ (System Language) - Simulator Configuration
• TCL (Scripting Language) - Topology Configuration

Results presented using the Trace Graph utility.

Page 13:

Secret Key Binding Technique

How it works?

Page 14:

Pre-Binding Secret Key Exchange Method

Message from Mn to Cn / Cn to Mn (Home Network) MN={FF:01::01}

This is the first step:

• Diffie-Hellman Key Exchange (2 messages)

• Takes place in Home Network

• After the Pre-Binding Secret Key Exchange, the communication process continues as normal.

Page 15:

Secret Key Binding (Binding Test)

Binding Test message from Mn to Cn (Encrypted with (S) {Sn, HoA, T, MnC})

Binding Test Reply from Cn to Mn through HA (Encrypted with (S) {Sn, T, CnC})

Second Method:

• Secret Key encryption step

• 4-message exchange

• 2 Binding Test messages

• 2 Binding messages

Page 16:

Secret Key Binding (Binding Update)

Binding Update (Encrypted with (S) {Sn , T , H(MnC+CnC) , BU} )

Binding Acknowledgement (Encrypted with (S) {Sn , T , BA})
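
The exchange on these slides (two DH messages, then Binding Test, Binding Test Reply, Binding Update and Binding Acknowledgement under S), sketched as an added example; it is not the author's NS2 code, and all function names are hypothetical. Assumptions not stated on the slides: a SHAKE-256 keystream with an HMAC-SHA256 tag stands in for the unnamed cipher, Sn increases by one per message, T is accepted within a 5-second window, and the DH group is demo-only.

```python
import hashlib, hmac, json, os, time

P, G = 2**255 - 19, 2  # demo-only DH group (assumption), not a vetted one

def dh_keypair():
    priv = int.from_bytes(os.urandom(32), "big") % (P - 2) + 1
    return priv, pow(G, priv, P)

def dh_secret(priv, peer_pub):
    # S = SHA-256 of the shared DH value (the key derivation is an assumption)
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(32, "big")).digest()

def seal(S, fields):
    """Encrypt-then-MAC under S; a SHAKE-256 keystream stands in for a real cipher."""
    pt, nonce = json.dumps(fields).encode(), os.urandom(16)
    ks = hashlib.shake_256(b"enc" + S + nonce).digest(len(pt))
    ct = bytes(a ^ b for a, b in zip(pt, ks))
    return nonce + ct + hmac.new(S, nonce + ct, hashlib.sha256).digest()

def unseal(S, blob, last_sn, now, max_age=5.0):
    """Return the fields, or None if the tag, sequence number or timestamp fails."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(S, nonce + ct, hashlib.sha256).digest()):
        return None  # modified in transit, or sealed under a different S
    ks = hashlib.shake_256(b"enc" + S + nonce).digest(len(ct))
    f = json.loads(bytes(a ^ b for a, b in zip(ct, ks)))
    if f["Sn"] <= last_sn or abs(now - f["T"]) > max_age:
        return None  # replayed (old Sn) or stale (old T)
    return f

def cookie_hash(mnc, cnc):
    return hashlib.sha256((mnc + cnc).encode()).hexdigest()  # H(MnC+CnC)

def run_exchange(now=None):
    now = time.time() if now is None else now
    # Pre-binding exchange in the home network: two DH messages, then both hold S
    mn_priv, mn_pub = dh_keypair()
    cn_priv, cn_pub = dh_keypair()
    S_mn, S_cn = dh_secret(mn_priv, cn_pub), dh_secret(cn_priv, mn_pub)
    mnc, cnc = os.urandom(8).hex(), os.urandom(8).hex()  # cookies MnC, CnC
    # Addresses are the scenario slide's; their role mapping is assumed
    bt = unseal(S_cn, seal(S_mn, {"Sn": 1, "HoA": "FF:01::01", "T": now, "MnC": mnc}), 0, now)
    btr = unseal(S_mn, seal(S_cn, {"Sn": 2, "T": now, "CnC": cnc}), 1, now)
    bu_wire = seal(S_mn, {"Sn": 3, "T": now, "H": cookie_hash(mnc, btr["CnC"]), "BU": "FF:84::05"})
    bu = unseal(S_cn, bu_wire, 2, now)
    ok = bu is not None and hmac.compare_digest(bu["H"], cookie_hash(bt["MnC"], cnc))
    ba = unseal(S_mn, seal(S_cn, {"Sn": 4, "T": now, "BA": "accepted" if ok else "rejected"}), 3, now)
    return ba, bu_wire, S_cn
```

The Cn accepts the Binding Update only when the tag verifies, Sn is newer than the last one seen, T is fresh, and H(MnC+CnC) matches the cookies from the Binding Test round, so a captured Binding Update cannot be replayed or altered without detection.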

Page 17:

Protocol Achievement

• The parameters used in the Secret Key Binding Technique show how some of the major security threats are eliminated (Security)

• The number of messages exchanged, time taken and time delay show the performance efficiency of the protocol (Performance)

Page 18:

Security Consideration

                   Return Routability Procedure   Secret Key Binding Technique
Authentication     Yes                            Yes
Authorization      Yes                            Yes
Confidentiality    Yes                            Yes
Integrity          Yes                            Yes
Non-Repudiation    No                             Yes
Cryptography       No                             Yes

*Security Threats

Page 19:

Security Consideration

                       Return Routability Procedure   Secret Key Binding Technique
Eavesdropping          Yes                            No
Traffic Analysis       Yes                            No
Masquerading           No                             No
Replay Attack          No                             No
Message Modification   Yes                            No
Denial-of-Service      No                             No
Man-in-the-middle      No                             No
False binding          No                             No

*Possible Vulnerabilities

Page 20:

Performance Consideration

                                   Secret Key Binding Technique   Return Routability Procedure
Number of Nodes Involved           3                              3
Process Time Length                0.079s                         0.127s
Average Network Delay              0.00346s                       0.00537s
Total Number of Packets Exchange   47                             52
Total Number of Bytes sent         5132                           10824
Total Packets generated by Mn      16                             22
Total Bytes sent by Mn             1908                           4192

*Overall Performance of Mobile Network Simulation

Page 21:

Performance Measurement

[Charts: Secret Key Binding Technique; Return Routability]

Page 22:

Performance Efficiency Measurement & Comparison

                          SKB       RR        SKB       RR        SKB       RR         SKB        RR
Number of Process         1         1         10        10        100       100        1000       1000
Total Processing Time     79.0ms    12.7ms    81.7ms    129.6ms   819.6ms   1299.6ms   8199.7ms   12999.6ms
Total Number of packets   47        52        227       340       2027      3216       20027      32016
Minimum Network Delay     0.064ms   0.064ms   0.064ms   0.064ms   0.064ms   0.064ms    0.064ms    0.064ms
Maximum Network Delay     0.457ms   0.870ms   0.457ms   0.870ms   0.457ms   0.870ms    0.457ms    0.870ms
Average Network Delay     0.346ms   0.537ms   0.444ms   0.813ms   0.456ms   0.853ms    0.457ms    0.857ms
Number of Packet Loss     0         1         16        28        196       296        1996       2996

A performance test has been conducted to test the efficiency of the protocol.

• Comparison made between RR and SKB

• Scenarios with 1 to 1000 processes have been tested

• Shows the average delay of both protocols. Efficiency ≈ 50%

Page 23:

[Figure: Secret Key Binding Performance Trace Output]

Page 24:

[Figure: Return Routability Performance Trace Output]

Page 25:

Contribution

• New approach for Binding Update: Secret Key Binding Technique
  • Pre-Binding Secret Key Exchange Method
  • Secret Key Encryption Method

• Cryptographic Based Binding Method

• Improved performance
  • Fewer packets exchanged
  • Less time taken to finish the process

Page 26:

Conclusion

• A new method has been introduced for BU
  • Secret Key Binding Technique
  • More secure (cryptographic based)
  • Better performance

• Space for future enhancement

Page 27:

Future Works

• Enhancement to the DH key exchange

• IKE or AAA method can be used to improve the key exchange method

Page 28:

Thank You.

Rahmat Budiarto
20th APAN 2005
08/2005