Securing home and correspondent registrations in mobile IPv6 networks

Abstract

The Mobile IPv6 (MIPv6) protocol enables mobile nodes (MNs) to remain connected to other correspondent nodes (CNs) while roaming the IPv6 Internet. Home and correspondent registrations are essential parts of the MIPv6 protocol, whereby MNs register their care-of addresses (CoAs) with their home agents (HAs) and with their CNs, respectively. Security provision for home and correspondent registrations is a fundamental part of the MIPv6 protocol and has been an open research issue since the early stages of the protocol.This thesis examines state-of-the-art protocols for securing home and correspondent registrations in MIPv6 networks. The strengths and weaknesses of these protocols are discussed. The investigation of these protocols leads to the proposal of an enhanced home registration protocol and a family of correspondent registration protocols. The Enhanced Home Registration (EHR) protocol extends the basic home registration protocol defined in MIPv6 to support the location authentication of MNs to their HAs. The EHR is based on novel ideas of segmenting the IPv6 address space, using a symmetric CGA-based technique for generating CoAs, and applying concurrent CoAs reachability tests. As a result, EHR is able to reduce the likelihood of a malicious MN being successful in luring an HA to flood a third party with useless packets using MIPv6. In addition, EHR enables HAs to help in correspondent registrations by confirming MNs' CoAs to CNs. Simulation studies of EHR have shown that it only introduces a marginal increase in the registration delay, but a significant increase in the signalling overhead as a cost of supporting the location authentication of MNs.The thesis also proposes a family of correspondent registration protocols. These protocols rely on the assistance of home networks to confirm the MNs' ownership of the claimed HoAs and CoAs. The protocols consist of three phases: a creation phase, an update phase and a deletion phase. Informal and formal protocol analyses have confirmed the protocols' correctness and satisfaction of the required security properties. The protocols have been simulated extensively and the results show that they produce lower registration delay and a reduction in the signalling overhead during update and deletion phases. This is at the cost of a varying increase, depending on the protocol variant, in the registration delay and signalling overhead during the creation phase.EThOS - Electronic Theses Online ServiceEgyptian GovernmentGBUnited Kingdo