Registration and Session-Key Distribution in AAA for Mobile IP

Size: px

Start display at page:

Download "Registration and Session-Key Distribution in AAA for Mobile IP"

Whitney Lawson
5 years ago
Views:

1 Registration and Session-Key Distribution in AAA for Mobile IP Jae-Hoon Whang, Hong-Yeop Song Coding & Information Theory Department of Electrical and Electronic Engineering, YONSEI UNIV. 1/16

2 Contents 1. Introduction 2. Mobile IP and AAA 3. Conventional Registration Protocol and Replay Attack 4. Proposed Public-Key Based Registration and Session Key Distribution 5. Conclusion 2/16

3 1. Introduction Mobile IP aims to support mobility within the internet. We ll mention the security aspect of Mobile IP, And propose a new registration and sessionkey distribution protocol using public-key cryptography. 3/16

4 2. Mobile IP and AAA Mobile IP 1. Agent Advertisement 2. MN Registration request FA 3. FA relays request to HA Tunneling 7. HA tunnels data to the COA 5. FA relays status to MN 4. Registration response and binding HA 6. CN Sends data to MN via standard IP routing 4/16

5 2. Mobile IP and AAA Authentication, Authorization and Accounting (AAA) Authentication : validating the end user s identities prior to permitting them network access Authorization : defines what right and services are allowed to the end user Accounting : provides the methodology for collecting information about end user's resource consumption 5/16

6 2. Mobile IP and AAA Authentication, Authorization and Accounting (AAA) (Cont ) AAAF AAA AAAH AAA AAA MN Mobile IP FA Mobile IP HA AAAH : Home AAA server AAAF : Foreign AAA server 6/16

7 3. Conventional Registration Protocol and Replay Attack Registration Protocol The following notations are used to represent message in protocol M, N : concatenation of two messages M and N MN HM : MN s home address MN COA : MN s care-of-address HA id : HA s IP address as its ID FA id : FA s IP address as its ID N MN, N HA : nonce issued by MN and HA {M}K : encryption of message M under key K <M>K : MAC value of message M under key K S MN-HA : shared secret key between MN and HA Req : a bit pattern indicating a request Rep : a bit pattern indicating a reply Result : a value of indicating result of the request 7/16

8 3. Conventional Registration Protocol and Replay Attack MN FA HA M 1, M 1 N HA S MN HA (from previous HA s reply) M M 1, 1 S MN HA M M 2, 2 S MN HA M M 2, 2 S MN HA M 1 Req, FAid, HAid, MNHM, MNCOA, NHA, N MN M ' 2 Rep,Result, FAid, HAid, MNHM, N HA, N MN 8/16

9 4. Proposed Public-Key Based Registration and Session-Key Distribution Design principles Minimize the computing power requirement as well as administration cost imposed on MN Use mechanism for certificate retrieval and validation Provide a secure session-key distribution And we assume secure association(sa) between FA & AAAF, and HA & AAAH. 9/16

10 4. Proposed Public-Key Based Registration and Session-Key Distribution MN FA AAAF AAAH HA R1 R1 R2 R3 R4 R5 R6 R9 R8 R7 R7 10/16

11 4. Proposed Public-Key Based Registration and Session-Key Distribution New notations are related to public-key operation and session-key K AAAH, K AAAF : public key of AAAH and AAAF, respectively; K 1 AAAH, K 1 AAAF : private key of AAAH and AAAF, respectively; <<M>>K -1 A : digital signature of message M generated using private key of A; Cert AAAH, Cert AAAF : certificate of AAAH and AAAF, respectively; AD : a bit pattern indicating an advertisement; Key-Req, Key-Rep : bit patterns of session-key request and reply, respectively; S MN-AAAH : shared secret key between MN and AAAH; S MN-FA, S MN-HA, S HA-FA : session-keys generated by AAAH, shared by MN & FA, MN & HA, and HA & FA, respectively; 11/16

12 4. Proposed Public-Key Based Registration and Session-Key Distribution The protocol R1) AAAF->FA->MN : A, <<A>>K -1 AAAF, Cert AAAF where A = AD, FA id, AAAF info R2) MN->FA : C, <C>S MN-AAAH where C = Req, N MN, N AAAH, MN HM, HA id, FA id, AAAF info, Key-Req, B B = A, <<A>>K 1 AAAF, Cert AAAF R3) FA->AAAF : D where D = C, <C>S MN-AAAH 12/16

13 4. Proposed Public-Key Based Registration and Session-Key Distribution R4) AAAF->AAAH : D, N AAAF (upon receipt of R4) AAAH : validate <C>S MN-AAAH using S MN-AAAH, check whether FA id in B = FA id in C, validate Cert AAAF based on existing PKI at AAAH, validate <<A>>K 1 AAAF using authenticated K AAAF. R5) AAAH->HA : Req, MN HM R6) HA->AAAH : Rep, Result 13/16

14 4. Proposed Public-Key Based Registration and Session-Key Distribution R7) AAAH->HA : S MN-HA, S HA-FA AAAH->AAAF : F,<<F>>K 1 AAAH, Cert AAAH where F = E,<E>S MN-AAAH,N AAAF, S MN-FA, S HA-FA, K AAAF E = Rep, Result, N MN, N' AAAH, HA id, FA id, AAAF info, S MN-HA, Key-Rep (upon receipt of R7) AAAF : validate N AAAF, validate Cert AAAF based on existing PKI at AAAF, validate <<F>>K -1 AAAH using authenticated K AAAH R8) AAAF->FA : E, <E>S MN-AAAH, S MN-FA, S HA-FA 14/16

15 4. Proposed Public-Key Based Registration and Session-Key Distribution R9) FA->MN : E, <E>S MN-AAAH (upon receipt of R9) MN : validate <E>S MN-AAAH using S MN-AAAH 15/16

16 5. Conclusion In this paper, we proposed a new protocol about public-key based registration and session-key distribution This protocol guarantees safe registration and provides the secure communication with session-key. MN still relies on the use of secret key so, can t provide the non-repudiation service. 16/16

11. IP Mobility 최 양 희 서울대학교 컴퓨터공학부

11. IP Mobility 최 양 희 서울대학교 컴퓨터공학부 11. IP Mobility Introduction Terminal Mobility Person Mobility Network Mobility Internet 2002 Yanghee Choi 2 Mobile IP : Why IP addressing scheme optimized for stationary environment point of attachment