View
214
Download
0
Category
Preview:
Citation preview
1
Julien LaganierMEXT WG, IETF-79, Nov. 2010
Authorizing MIPv6 Binding Update with Cryptographically
Generated Addresses
http://tools.ietf.org/id/draft-laganier-mext-cga-01.txt
2
Overview
RFC 3775 secures Binding Updates to Home Agent with IPsec
RFC 4866 allows to secure Binding Updates to Correspondent Nodes with a public key signature when the HoA is a CGA
MEXT WG rechartered to experiment with security mechanisms alternatives to IPsec
Secure Binding Updates to Home Agent based on CGA as well
3
Solution
MN: generates public-private key pair generates from public key an HoA that is a CGA signs Binding Update with private key
HA: verifies HoA ownership by verifying signature Optimization: HA sends to MN a symmetric
secret key to MN to protect further Binding Updates, ciphered with public key Secret key used to compute MAC over BU
4
Choices to be made
Is MN authorized for HA service? CGA validates address ownership Does not prevent any MN to create state with
arbitrary HA Solutions:
Provision MN with Authorization Certificates HA has repository of authorized MN public keys Restrict service to MN that attached to home link
Is MN trusted by HA: Does HA verifies CoA reachability with RR test?
Avoid third party flooding attack
5
Choices to be made, Cont’d
How to provide Anti-replay protection? Initial Binding Creation currently
protected with timestamp in BUAlternative: 3-way handshake with
NonceFurther Binding Updates (Lifetime
Extension, Handoffs, Deletion) protected with Sequence Number and symmetric secret key MAC
6
IPv4 support
IPv4-only visited network m6t http://tools.ietf.org/html/draft-ebalard-mext-m6t On-demand creation of UDP tunnel
For each new IPv4 CoA Assigns new unique local IPv6 address Tunnel exists as long as it’s used
Same security level as RFC 5555 Does not protect against active attacks Protects again passive attacks
IPv4-only application Configure IPv4 Home address as in RFC 5555
7
Pros and Cons
No dependency on IPsecNo impact on IPsec
IPsec can still be used independently
Does not re-invent ESP and ESP tunneling in UDP Ala
http://tools.ietf.org/html/draft-korhonen-mext-mip6-altsec
Allows fully decentralized HA operation Possibly useful for Distributed/Dynamic Mobility
Management?
8
Next Steps
Is there interest in the WG? Makes some choices
MN trusted? MN authenticated? Implement and experiment...
9
Thank you
Recommended