End-point Identifiers in Secure Multi-homed Mobility

Currently IP addresses are used both for node identifiers and topological location names in the Internet. The semantic overloading and non-cryptographic nature of IP addresses makes it impossible to use them as identifiers from the security point of view. The problem becomes even worse with multi-homed mobile nodes. Multi-homed mobile nodes have several interfaces bound to dynamically changing IP addresses. When a node changes its point of attachment to the network or it reroutes traffic from one interface to another, the connection identifiers are changed. A peer node cannot verify the validity of the new identifiers without a naming trust relationship between the identifiers and the identity of the node. The peer must have evidence that an identifier belongs to a specific identity. Currently, there are no way for a node, using traditional IP addresses, to prove that it owns a specific address, i.e., an identifier. We present in this paper the philosophy behind separation of end-point identifiers from location names, which is an essential part in designing secure multi-homed mobility architectures.