A Security Analysis on Kempf-Koodli's Security Scheme for Fast Mobile IPv6
نویسندگان
چکیده
Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli’s scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated. key words: Fast Mobile IPv6 security, SEND protocol, CGA, BAN-logic
منابع مشابه
Distributing a Symmetric Fast Mobile IPv6 (FMIPv6) Handover Key Using SEcure Neighbor Discovery (SEND)
Fast Mobile IPv6 requires that a Fast Binding Update is secured using a security association shared between an Access Router and a Mobile Node in order to avoid certain attacks. In this document, a method for provisioning a shared key from the Access Router to the Mobile Node is defined to protect this signaling. The Mobile Node generates a public/private key pair using the same public key algo...
متن کاملAn Enhanced Security Protocol for Fast Mobile IPv6
Recently, Kempf and Koodli have proposed a security protocol for Fast Mobile IPv6 (FMIPv6). Through the SEcure Neighbor Discovery (SEND) protocol, it achieves secure distribution of a handover key, and consequently becomes a security standard for FMIPv6. However, it is still vulnerable to redirection attacks. In addition, due to the SEND protocol, it suffers from denial of service attacks and e...
متن کاملESS-FH: Enhanced Security Scheme for Fast Handover in Hierarchical Mobile IPv6
Fast Handover for Hierarchical Mobile IPv6 (F-HMIPv6) that combines advantages of Fast Handover for Mobile IPv6 (FMIPv6) and Hierarchical Mobile IPv6 (HMIPv6) achieves the superior performance in terms of handover latency and signaling overhead compared with previously developed mobility protocols. However, without being secured, F-HMIPv6 is vulnerable to various security threats. In 2007, Kang...
متن کاملImproved Security Mechanism for Mobile IPv6
Security is a critical design issue in Mobile IPv6 since adversaries can take advantage of its routing process and arbitrarily channelize the traffic to different destinations. The original security scheme, the return routability (RR) procedure, used in Mobile IPv6 route optimization does not protect against adversaries who are on the path between the home agent (HA) and the correspondent node ...
متن کاملSecured Route Optimization and Micro-mobility with Enhanced Handover Scheme in Mobile IPv6 Networks
خسارات وارد شده به شبکه گاز شهری در یک زلزله میتواند زیانهای زیادی از جمله خسارت ناشی از آتشسوزی در شبکه زیر ساخت، و خسارت ناشی از قطع خدمات رسانی، تعمیر و تعویض اعضای شبکه، را در بر داشته باشد. در این مقاله یک مدل آتشسوزی پیشنهاد شده است. مدل پیشنهادی در یک مدل نیمه احتمالاتی مرسوم برای برآورد خسارتهای مختلف ناشی از آسیب دیدن شبکه گاز شهری، به کار برده شده است. هدف از این کار توسعه یک ابز...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IEICE Transactions
دوره 92-B شماره
صفحات -
تاریخ انتشار 2009