Enhancing IPsec Performance in Mobile IPv6 Using Elliptic Curve Cryptography

Internet has become indispensable to the modern society nowadays. Due to the dynamic nature of human activities, the evolving mobile technology has played a significant role and it is reflected in the exponential growth of the number of mobile users globally. However, the characteristic of the Internet as an open network made it vulnerable to various malicious activities. To secure communication at network layer, IETF recommended IPsec as a security feature. Mobile IPv6 as the successor of the current mobile technology, Mobile IPv4, also mandated the use of IPsec. However, since IPsec is a set of security algorithm, it has several well-known weaknesses such as bootstrapping issue when generating a security association as well as complex key exchange mechanism. It is a well-known fact that IPsec has a high overhead especially when implemented on Mobile IPv6 and used on limited energy devices such as mobile devices. This paper aims to enhance the IPsec performance by substituting the existing key exchange algorithm with a lightweight elliptic curve algorithm. The experiments managed to reduce the delay of IPsec in Mobile IPv6 by 67% less than the standard implementation

Status of This Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2006). A mobile node needs at least the following information: a home address, a home agent address, and a security association with home agent to register with the home agent. The process of obtaining this information is called bootstrapping. This document discusses issues involved with how the mobile node can be bootstrapped for Mobile IPv6 (MIPv6) and various potential deployment scenarios for mobile node bootstrapping

Guaranteed access over consumer-level connections

Tässä opinnäytetyössä tutkitaan konseptia Redundant Array of Independent Internet Connections (RAIIC), jossa ajatuksena on tarjota luotettava yhteys usean halvan ja epäluotettavan liittymän yli. Yhtä epäluotettavaa liittymää käytetään kerrallaan tämän tilaa jatkuvasti tarkkaillen. Jos yhteyden tila heikkenee, järjestelmä siirtää liikenteen toiselle liittymälle ilman että kommunikoivat osapuolet huomaavat muutosta. Näin ollen voidaan tarjota virtuaalinen, luotettava bittiputki halpojen yhteyksien yli. Tutkimusta varten kehitimme Mobile IP -protokollaan pohjautuvan toteutuksen. Tällä pääsimme testaamaan konseptia oikeassa tietoverkossa. Mittasimme, miten liittymän vaihtaminen vaikuttaa loppukäyttäjän kokemaan palvelunlaatuun. TCP-protokollalla liittymän vaihto vastasi palvelussa 1 - 1.5 sekunnin katkoa, joka on vielä hyvinkin siedettävä. VoIP-palvelun laatu ei laskenut alle kohtalaisen tason (Mean Opinion Score -asteikolla "Fair").The scope of this thesis was providing guaranteed access over an array of unguaranteed and cheap consumer-grade connections. We tested how well high-availability access can be created with Redundant Array of Independent Internet Connections (RAIIC). In RAIIC, multiple unreliable connections are bundled together. Customer traffic is transferred on one connection at a time. State of the current connection is constantly monitored. If connectivity deteriorates, the system switches the traffic onto another unreliable connection. Connection switching should be invisible to the communicating nodes. For this study we developed a Mobile IP based implementation. We were able to test the concept on running code. We measured how the connection switching affects the end-user experience and the results seemed quite promising. On TCP the switching corresponded to 1 - 1.5 second outage, which is considered to be well tolerable. VoIP quality remained "Fair" in Mean Opinion Score metrics

Using Link Layer Information to Enhance Mobile IP Handover Mechanism. An investigation in to the design, analysis and performance evaluation of the enhanced Mobile IP handover mechanism using link layer information schemes in the IP environment.

Mobile computing is becoming increasingly important, due to the rise in the number of portable computers and the desire to have continuous network connectivity to the Internet, irrespective of the physical location of the node. We have also seen a steady growth of the market for wireless communication devices. Such devices can only have the effect of increasing the options for making connections to the global Internet. The Internet infrastructure is built on top of a collection of protocols called the TCP/IP protocol suite. Transmission Control Protocol (TCP) and Internet Protocol (IP) are the core protocols in this suite. There are currently two standards: one to support the current IPv4 and one for the upcoming IPv6 [1]. IP requires the location of any node connected to the Internet to be uniquely identified by an assigned IP address. This raises one of the most important issues in mobility because, when a node moves to another physical location, it has to change its IP address. However, the higher-level protocols require the IP address of a node to be fixed for identifying connections. The Mobile Internet Protocol (Mobile IP) is an extension to the Internet Protocol proposed by the Internet Engineering Task Force (IETF) that addresses this issue. It enables mobile devices to stay connected to the Internet regardless of their locations, without changing their IP addresses and, therefore, an ongoing IP session will not be interrupted [2, 3, 4]. More precisely, Mobile IP is a standard protocol that builds on the Internet Protocol by making mobility transparent to applications and higher-level protocols like TCP. However, before Mobile IP can be broadly deployed, there are still several technical barriers, such as long handover periods and packet loss that have to be overcome, in addition to other technical obstacles, including handover performance, security issues and routing efficiency [7]. This study presents an investigation into developing new handover mechanisms based on link layer information in Mobile IP and fast handover in Mobile IPv6 environments. The main goal of the developed mechanisms is to improve the overall IP mobility performance by reducing packet loss, minimizing signalling overheads and reducing the handover processing time. These models include the development of a cross-layer handover scheme using link layer information and Mobile Node (MN) location information to improve the performance of the communication system by reducing transmission delay, packet loss and registration signalling overheads. Finally, the new schemes are developed, tested and validated through a set of experiments to demonstrate the relative merits and capabilities of these schemes