Defending against redirect attacks in mobile IP
The route optimization operation in Mobile IP Version 6 (MIPv6) allows direct routing from any correspondent node to any mobile node and thus eliminates the problem of "triangle routing" present in the base Mobile IP Version 4 (MIPv4) protocol. Route optimization, however, requires that a...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2002
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/1100 https://ink.library.smu.edu.sg/context/sis_research/article/2099/viewcontent/DefendingRedirectAttacksMobileIP_2002.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| Summary: | The route optimization operation in Mobile IP Version 6 (MIPv6) allows direct routing from any correspondent node to any mobile node and thus eliminates the problem of "triangle routing" present in the base Mobile IP Version 4 (MIPv4) protocol. Route optimization, however, requires that a mobile node constantly inform its correspondent nodes about its new care-of addresses by sending them binding update messages. Unauthenticated or malicious binding updates open the door for intruders to perform redirect attacks, i.e., malicious acts which redirect traffic from correspondent nodes to locations chosen by intruders. How to protect binding update messages to defend against redirect attacks is a challenging problem given the open environment in which MIPv6 operates. In this paper, we first look at two solutions proposed by the IETF Mobile IP Working Group and point out their weaknesses. We then present a new protocol for securing binding update messages. We also show that our protocol achieves strong security and at the same time is highly scalable to wide spread deployment. |
|---|