Host Identity Protocol (HIP):

Size: px

Start display at page:

Download "Host Identity Protocol (HIP):"

Raymond Chambers
5 years ago
Views:

1 Host Identity Protocol (HIP): Towards the Secure Mobile Internet Andrei Gurtov Helsinki Institute for Information Technology (HUT), Finland A John Wiley & Sons, Ltd, Publication

Contents About the Author Foreword Jan Arkko Foreword xi xii xv David Hutchison Preface Acknowledgments Abbreviations xvii xxi xxiii Part I Introduction 1 1 Overview 3 1.

2 Contents About the Author Foreword Jan Arkko Foreword xi xii xv David Hutchison Preface Acknowledgments Abbreviations xvii xxi xxiii Part I Introduction 1 1 Overview Identifier-locator split HIP in the Internet architecture Brief historyof HIP Organization of the book 9 2 Introduction to network security Goals of cryptographic protocols Basics and terminology Attacktypes Eavesdropping Impersonation Man-In-The-Middle attacks Delay and replay attacks Denial-of-Service attacks Exhaustive key space search Cryptoanalysis Defense mechanisms Symmetrie cryptography 15

vi CONTENTS 2.4.2 Public-key cryptography 19 2.4.3 One-way cryptographic hash functions 23 2.4.4 One-time signatures 25 2.4.5 Sequence numbers 26 2.4.6 Cryptographic nonces 26 2.4.7 Client puzzles 27 2.

3 vi CONTENTS Public-key cryptography One-way cryptographic hash functions One-time signatures Sequence numbers Cryptographic nonces Client puzzles Security protocols Modular exponential Diffie-Hellman groups Keying material Transforms IP security architecture: IPsec IPsec modes IPsec security protocols SIGMA Internet Key Exchange: IKE Weak authentication techniques SecureDNS 40 Part II The Host Identity Protocol 43 3 Architectural overview Internet namespaces Methods of identifying a host Overlay Routable Cryptographic Hash Identiners The purpose of an IPv6 prefix Generating and routing an ORCHID ORCHID properties The roleof IPsec Related IETF activities 49 4 Base protocol Baseexchange II packet Rl packet packet R2 packet Other HIP control packets IPsec encapsulation ESP transforms ESP Bound End-to-End Tunnel 64 5 Main extensions Mobility and multihoming Mobility and multihoming architecture Multihoming as extension of mobility Effect of ESP anti-replay window 71

CONTENTS 5.1.4 The LOCATOR parameter 74 5.1.5 Locator states 75 5.1.6 Credit-based authentication 76 5.1.7 Interaction with transport protocols 76 5.2 Rendezvous Server 78 5.2.1 Registering with a rendezvous Server 78 5.

4 CONTENTS The LOCATOR parameter Locator states Credit-based authentication Interaction with transport protocols Rendezvous Server Registering with a rendezvous Server Rendezvous parameters DNS extensions HIP requirements to DNS Storing a RVS address DNSsecurity Registration protocol The process of registration Packet formats 82 6 Advanced extensions Opportunistic mode Initiating opportunistic base exchange Implementation using a TCP Option Piggybacking transport headers to base exchange Piggybacking to Security concerns HIP service discovery Overview of Service Discovery On-the-path Service Discovery Passive Service Discovery Regional Service Discovery Simultaneous multiaccess Flow binding extension Packet formats Disseminating HITs with a presence service HITs in the Presence Information Data Format Disseminating protocol Multicast Challenges for IP multicast Host Identity Specific multicast Authenticating multicast receivers Performance measurements HIP on Nokia Internet Tablet Experimental results Test environment Basic HIP characteristics Summary 114 vu

viii CONTENTS 8 Lightweight HIP 117 8.1 Security functionalityof HIP 117 8.1.1 Performance limitations of HIP 118 8.1.2 Problem Statement 118 8.1.3 ScopeofLHIP 119 8.1.4 Threatmodel 120 8.

5 viii CONTENTS 8 Lightweight HIP Security functionalityof HIP Performance limitations of HIP Problem Statement ScopeofLHIP Threatmodel HIP high-level goals LHIP high-level goals Possible approaches LHIPdesign Hash chains for HIP authentication Time-based signatures Interactive signatures based on hash chains LHIP authentication layer LHIP integration LHIP associations Security considerations Association Upgrades: from LHIP to HIP LHIP Performance LHIP base exchange LHIP update Discussion LH1 -performance LH2 - protocol security LH3 - namespace security LH4 - compatibility 158 Part III Infrastructure Support Middlebox traversal Requirements for traversing legacy middleboxes NAT traversal Firewall traversal Strategies for legacy middlebox traversal Legacy NAT traversal NATdetection Header format Initiator behinda NAT Responder behinda NAT Initiator and Responder behind a NAT Multihoming and mobility with NATs Traversing firewalls Requirements for HIP-aware middleboxes HIP-aware firewall Flow identification 176

CONTENTS 9.4.2 Advanced extensions 177 9.4.3 Asymmetrie routing 179 9.4.4 Security risks 179 10 Name resolution 181 10.1 Problem Statement of naming 181 10.2 Distributed Hash Tables 184 10.2.1 Overview of Distributed Hash Tables 184 10.

6 CONTENTS Advanced extensions Asymmetrie routing Security risks Name resolution Problem Statement of naming Distributed Hash Tables Overview of Distributed Hash Tables OpenDHT interface HIP interface to OpenDHT Overview of overlay networks Host Identity Indirection Infrastructure Separating control, data, and naming The data plane The control plane Discussion of the Hi3 design Micromobility Local rendezvous Servers Intra-domain mobility Inter-domain mobility Secure micromobility Hash chain authentication Secure network attachment Micromobility handover Network mobility Delegation of signaling Mobilerouter HarMoNy Communication privaey SPINAT BLIND Location and identity privaey Protecting host identity Protecting location privaey Anonymous identifiers Identifiers on protoeol layers Changing identifiers 223 Part IV Applications Possible HIP applications Virtual Private Networking P2P Internet Sharing Architecture Interoperating IPv4 and IPv6 230 ix

x CONTENTS 13.4 Secure Mobile Architecture 232 13.4.1 ComponentsofSMA 233 13.4.2 SMA testbed at Boeing 234 13.5 Live application migration 237 13.

7 x CONTENTS 13.4 Secure Mobile Architecture ComponentsofSMA SMA testbed at Boeing Live application migration Network Operator viewpoint on HIP Application interface Using legacy applications with HIP Using IP addresses Using DNS resolution Directly using HIT API for native HIP applications Overview of the design Interface speciflcation Socketattributes Integrating HIP with other protocols GeneralizedHIP Classification ofproposals HIP implications The use of Session Initiation Protocol SIP as a rendezvous service Complementary mobility Securing SIP control traffic Session Description Protocol extensions Encapsulating HIP data using SRTP Replacing HIP base exchange with IKEv Mobile IP and HIP HIP proxy for legacy hosts Legacy mobile hosts Legacy correspondent hosts 276 Appendix A Installing and using HIP 279 A.l Overview of HIP implementations 279 A.2 HIPLtutorial 281 Bibliography 285 Index 291

Host Identity Protocol

Presentation outline Host Identity Protocol Slides by: Pekka Nikander Ericsson Research Nomadiclab and Helsinki Institute for Information Technology http://www.hip4inter.net 2 What is HIP? Motivation HIP