Re-thinking Security in IP Based Micro-Mobility

Security problems in micro-mobility are mostly related to trust establishment between mobile nodes and middle-boxes, i.e. mobile anchor points. In this paper, we present a secure micro-mobility architecture that scales well between administrative domains, which are already using different kind of network access authentication techniques. The trust between the mobile nodes and middle boxes is established using one-way hash chains and a technique known as secret splitting. Our protocol protects the middle-boxes from traffic re-direction and related Denial-of-Service attacks. The hierarchical scheme supports signaling optimization and secure fast hand-offs. The implementation and simulation results are based on an enhanced version of Host Identity Protocol (HIP). To our knowledge, our micro-mobility protocol is the first one-and-half round-trip protocol that establishes simultaneously a trust relationship between a mobile node and an anchor point, and updates address bindings at the anchor point and at a peer node in a secure way.