Mobile IP Security Dominic Maguire Research Essay Presentation Communications Infrastructure Module MSc Communications Software, WIT
Mobile IP – what is it? Approved as draft standard of the IETF in 1996 “A dynamic routing protocol where end devices signal their own routing updates and dynamic tunnels eliminate the need for host route propagation” (Raab and Chandra, 2005) “Allows users to roam across various IP subnets and access links, all the while maintaining continuous communication” Facilitates mobile networks, multiple access technologies, access providers Significant pressure on service providers to provide access (Sanmanteau et al, 2002) Flexibilty != Security (Tuquerres et al, 1999)
Mobile IP Overview (IPv4) Every site that wants to allow its users to roam has to create a home agent Every site that allows visitors has to create a foreign agent Tanenbaum, 2004
Mobile IPv6
Denial of Service Attacks Interrupting flow of useful packets to node Flooding a node with unwanted packets Replay attacks
Denial of Service Attacks Authentication Security Associations Cryptographic algorithms Shared key between peers Replay protection IKE/IPSec Cisco Approach AAA accesses by TACACS+/RADIUS protocols Wang et al (2004)
Other attacks Passive eavesdropping Encryption End-to-end Link-layer Session stealing Encryption
Novel Solutions Performance issues Agarwal & Wang (2007) Jing et al (2007) Virtual backup AAA server Lin (2007) Mobile Firewall Framework Tan et al (2007)
Conclusion Present Solutions Cryptography Key management Timestamp synchronisation ? Future