An investigation of cryptographically generated address (CGA)-based authentication for mobile IPv6

It is well known that the most promising approach to solving the problem of authentication in a mobile IPv6 network is to use CGA-based authentication. The only drawback is that CGA algorithms can be computationally expensive. This study analyses the performance of the CGA generation algorithm and proposes changes to impose a minimal computational security while maintaining reasonable performance. This study also compares the use of Rivest Shamir Adleman (RSA) signatures with the Merkle Signature Scheme (MSS) for generating CGA Signatures. It finds that using MSS significantly improves the key generation time. However, more work needs to be done to improve both the CGA generation algorithm and MSS in order to make CGA-based authentication an attractive option in MIPv6 setups

A Secure and Decentralized Registration Scheme for IPv6 Network-Based Mobility Senthil Kumar Mathi 1, M.L.Valarmathi 2

Abstract — For frequent movement of a mobile device, there is a need for a secure registration procedure of the mobile device by announcing its current location to the home network, especially, if it is not in the home domain. While devising the registration procedure for mobile IPv6 (MIPv6) based network, it is essential to consider the security issues for cryptographic approaches and an infrastructure requirement on the network. If a public key based cryptography is used for improving the security, then the key exchange mechanisms of the communicants must be handled appropriately. The infrastructure based approach increases the complexity of the mobile device and the mobility agents and also requires an additional message exchanges. Hence, this paper deals with an infrastructure-less registration scheme with symmetric key approach that acts upon MIPv6 environment consisting of the mobile node, home agent, and correspondent node. The proposed scheme is simulated and evaluated for security using Murphi checker. The correctness of the signaling/message sequences of the proposed scheme are verified by the finite state machine. Finally, the simulation results reveals that better security and mutual authentication between MIPv6 nodes have been achieved, and further, mitigation for the various attack scenarios have also been addressed

Аналіз процедури хендоверу у сучасних телекомунікаційних системах з радіозв’язком

Визначено шляхи до зменшення часової затримки хендоверу при передаванні даних між абонентами, на етапах їх переходу від однієї базової станції до іншої без втрати встановленого з’єднання. Показано, що у такому випадку найбільш ефективним засобом підвищення якості функціонування мобільних телекомунікаційних мереж з підтримкою IPv6 є не лише алгоритми зменшення обов’язкових часових етапів визначення адрес, перевірки з’єднання, визначення префіксу мережі, але й проведення аналізу на предмет оптимізації маршруту передавання даних від абонента до станції, та між абонентами.The ways of reduction of dwell of handover are certain at communications of data between subscribers on the stages of their transition from one base station to other without the loss of the set connection. It is shown that in such situation by the most effective means of improvement of quality of functioning of mobile systems with support of IPv6, there are not only algorithms of reduction of the obligatory temporal stages on determination of address, verification of connection, determination of prefix of network, but also realization of analysis concerning optimization of route of communication of data from a subscriber to the station and between subscribers.Определены пути уменьшения временной задержки хэндовера при передачи данных между абонентами на этапах их перехода от одной базовой станции к другой без потери установленного соединения. Показано, что в такой ситуации наиболее эффективным средством улучшения качества функционирования мобильных телекоммуникационных сетей с поддержкой IPv6, есть не только алгоритмы уменьшения обязательных временных этапов по определению адреса, проверки соединения, определения префикса сети, но и проведение анализа касательно оптимизации маршрута передачи данных от абонента к станции и между абонентами

Multicast Mobility in Mobile IP Version 6 (MIPv6) : Problem Statement and Brief Survey

Publisher PD

Alleviation of Binding Update Re-registration Handoff Latency at Home Agent Failure in MIPv6 Network

Home Agent (HA) is an indispensable entity for binding connectivity to route packets between Mobile Node (MN) and Correspondent Node (CN). MIPv6 allows the deployment of redundant HAs to overcome HA failure. Different approaches resolve this issue to recuperate binding association information. This paper compares the effect of handoff latency in various methods and proposes a Reliable HA delivery (RHAD) mechanism to mitigate the Binding Update (BU) registration latency in HA at the time of active HA failure. We use BGP domain in network architecture and apply IBGP protocol to transmit packets between Edge Router (ER) and HA. Both the theoretical evaluation and simulation results reveal that RHAD effectively reduces BU re-registration handoff latency and increases packet delivery ratio

Implementation and Analysis of FMIPv6, an Enhancement of MIPv6

International audienceThe initial IP Mobility protocol was rst presented in 1993 for IPv4. The Mobile IP protocol solves the TCP/IP Layer 3 mobility, by assigning a permanent IP address to the mobile node. Mobile IP consists of both MIPv4 and MIPv6, but IPv4 has a couple of drawbacks, the main one being IP address exhaustion, making MIPv6 the future option for mobility protocol in IP Networks.The main goal of the mobility protocol is to enable network applications to operate continuously at the required quality of service for both wired and wireless networks. MIPv6 uses the existing IPv6 protocol to enable seamless roaming between di erent ac- cess points. MIPv6 on its own needs optimization techniques to improve the handover latency of the protocol and to minimize the latency. This paper proposes FMIPv6 protocol to minimize handover latency. Both MIPv6 and FMIPv6 protocols introduce some new terminologies as pro- posed by the Internet Engineering Task Force (IETF), which require prior familiarisation to understand the working of MIPv6 and FMIPv6

Movilidad en IPV6: simulación con Network Simulator

IP Móvil es la propuesta de Internet Engineering Task Force (IETF) para el protocolo de movilidad llamado MIPv6. Este protocolo se ha convertido en la columna vertebral de las nuevas tecnologías de redes inalámbricas mediante las cuales se busca proveer de un servicio ininterrumpido mientras se está en movimiento. Este artículo presenta una visión general del funcionamiento de dicho protocolo, los términos relacionados con este y los nuevos ensajes que vienen dentro del encabezado de movilidad en IPv6. Después se realiza una simulación de dicho protocolo con el software Network Simulator 2, bajo licencia GNU de distribución libre. Como resultado de la simulación se obtiene un archivo de trazas en el cual se plasman todos los eventos

AN ENHANCED BINDING UPDATE SCHEME FOR NEXT GENERATION INTERNET PROTOCOL MOBILITY

In recent years, the usage of mobile devices has become essential for people, both for business and for their daily activities. The mobile devices can get services directly from their home network and from other correspondent devices regardless of their position without using any intermediate agent. It is achieved by using mobility based Internet Protocol version 6, called as next generation internet protocol mobility. Since network mobility uses open air interface as a communication medium, it is possible for many security threats and attacks that might attempt to get unauthorized access from the participating entities. Consequently, the protection of network mobility from threats is one of the most demanding tasks as it must be considered without increasing the complexity while enhancing security. Hence, the paper proposes an enhanced location update scheme by incorporating the optimal asymmetric encryption method based on the random oracle model for providing security and efficiency. It emphasizes the security goals such as authentication, integrity, and confidentiality from the security analysis. In addition, it addresses the attack prevention analysis for the attacks such as rerun, man-in-the-middle and false location update. The proposed scheme is simulated and verified for security properties using a security validation tool - Automated Validation of Internet Security Protocols and Applications. Finally, the simulation studies show that the latency of the proposed scheme is reduced significantly when compared the other location update schemes