Keiji Maekawa Graduate School of Informatics, Kyoto University Yasuo Okabe Academic Center for Computing and Media Studies, Kyoto University.

1 Keiji Maekawa Graduate School of Informatics, Kyoto University Yasuo Okabe Academic Center for Computing and Media Studies, Kyoto University

2 Mobility and location privacy: capability of preventing others from learning one's location. Your location might be leaked out to others (correspondents, eavesdroppers). [Diagram: Alice (Mobile Node), Bob (Correspondent Node), Eve. Speech bubbles: "Alice is now connecting from that college's network." and "This person in my network is probably Alice!"]

3 Desired conditions. Anonymity against eavesdroppers: they cannot identify the sender and the receiver of packets. Both end-points can authenticate each other, but they don't know about exact location. [Diagram: Alice (Mobile Node), Bob, Eve. Speech bubbles: "This is surely from Alice, though I don't know where she is." and "Who the hell is this???"]

4 Case study: Mobile IP. Home Address is the identifier. Care-of Address is the locator. [Diagram: Correspondent Node, Mobile Node, Home Agent, MN's Home Network. Labels: "Never knows MN's location", "Always knows MN's location".]

5 Case study: Mobile IP (Route Optimization). CN, HA, and eavesdroppers on the path can trace the MN's location simply by looking at IP headers. [Diagram: Correspondent Node, Mobile Node, Home Agent, MN's Home Network.]

6 It is difficult to design a protocol so that ANY node doesn't know the MN's location, including trusted nodes such as the Home Agent. It's a trade-off between privacy and performance. In some cases, privacy may be more important than performance.

7 Related Works: HIP and BLIND. Problem Statement: what is to be solved. Our Proposal: protocol design. Conclusion.

8 ID/locator separation. Host Identity is a public key pair. Host Identity Tag (HIT) is the identifier: a 128-bit hash of the Host Identity. Base Exchange: a 2-round-trip key exchange; exchange public keys for authentication; establish SAs (IPsec ESP).

9 Rendezvous Mechanism. HIT & IP address are stored in a Rendezvous Server (RVS). MN's IP address is kept up to date. The first (I1) packet is forwarded. Then, end-points start to communicate directly. [Diagram: A, B, RVS. Labels: "Registration / Location Update", "To: HIT of B IP of RVS".]

10 MN sends UPDATE messages to CN and RVS on roaming. Sessions in upper layers are kept. [Diagram: A, B, RVS; UPDATE messages.]

11 Complete identity protection. Only end-points can recognize the IDs in packets. Eavesdroppers can't identify them. [Diagram: A, B; HIT(A), HIT(B); ???]

12 src/dst IDs are Blinded HITs with nonce N: BHIT = hash(N || HIT). Nonce is randomly generated in each session. Extended Base Exchange: a variation of Diffie-Hellman. [Diagram: A, B; HIT(A), HIT(B); BHIT(A), BHIT(B).]

13 Initiator / Responder
I1: BHIT[I] BHIT[R], Nonce, where BHIT[I] = hash(Nonce || HIT[I]) and BHIT[R] = hash(Nonce || HIT[R])
Responder: determines HIT[R] by trying all its own HITs.
R1: BHIT[R] BHIT[I], DH[R]
Initiator: generates the Key by DH; encrypts HI[I] with the Key.
I2: BHIT[I] BHIT[R], DH[I], { HI[I] }
Responder: generates the Key by DH; decrypts HI[I] with the Key; encrypts HI[R] with the Key.
R2: BHIT[R] BHIT[I], { HI[R] }
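The blinding on slides 12 and 13, as an added example that is not part of the original presentation: it builds an I1, lets the responder recover HIT[R] by trying its own HITs, and checks that two sessions between the same hosts share no identifier. Truncated SHA-256 as the hash, the 16-byte nonce, the dictionary layout of I1 and all key material are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

HIT_LEN = 16  # a HIT is a 128-bit value (slide 8)

def _h128(data: bytes) -> bytes:
    # Assumption: SHA-256 truncated to 128 bits; the slides only say "hash".
    return hashlib.sha256(data).digest()[:HIT_LEN]

def make_hit(host_identity: bytes) -> bytes:
    """HIT = 128-bit hash of the Host Identity (public key)."""
    return _h128(host_identity)

def blind(nonce: bytes, hit: bytes) -> bytes:
    """BHIT = hash(Nonce || HIT)."""
    return _h128(nonce + hit)

def new_i1(hit_i: bytes, hit_r: bytes) -> dict:
    """Initiator: fresh random nonce per session, both HITs blinded with it."""
    nonce = secrets.token_bytes(16)
    return {"bhit_i": blind(nonce, hit_i), "bhit_r": blind(nonce, hit_r), "nonce": nonce}

def resolve_own_hit(i1: dict, own_hits: list):
    """Responder: try every own HIT against BHIT[R]; None if I1 is not for us."""
    for hit in own_hits:
        if hmac.compare_digest(blind(i1["nonce"], hit), i1["bhit_r"]):
            return hit
    return None

# Constructed sample identities (placeholder bytes, not real public keys).
ALICE_HIT = make_hit(b"constructed-public-key-alice")
BOB_HITS = [make_hit(b"constructed-public-key-bob-1"),
            make_hit(b"constructed-public-key-bob-2")]
CAROL_HITS = [make_hit(b"constructed-public-key-carol")]

def demo() -> dict:
    s1 = new_i1(ALICE_HIT, BOB_HITS[1])
    s2 = new_i1(ALICE_HIT, BOB_HITS[1])  # same hosts, new session
    return {
        "bob_resolves": resolve_own_hit(s1, BOB_HITS) == BOB_HITS[1],
        "carol_gets_none": resolve_own_hit(s1, CAROL_HITS) is None,
        "sessions_linkable": s1["bhit_i"] == s2["bhit_i"] or s1["bhit_r"] == s2["bhit_r"],
    }

if __name__ == "__main__":
    print(demo())
```

Because the nonce travels in clear inside I1, any party that already holds a candidate HIT can run the same comparison as the responder; the blinding hides identities only from observers who do not know the HIT.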

14 Location privacy for BLIND: Forwarding Agent (FA), SPINAT. FA conceals MN's location from CN. FA doesn't know both IDs. [Diagram: A, B, FA; HIP communication. Labels: "Not know A's ID", "Not know A's address".]

15 Goal: to achieve both Mobility and Location Privacy. Approach: the protocol is based on BLIND (good identity protection); introduce mobility into BLIND.

16 To realize mobility with BLIND: Rendezvous mechanism dealing with blinded HIT; movement transparency support.

17 Problems are: RVS cannot resolve blinded HIT. Raw HITs should be concealed.

18 HIP-in-HIP tunneling. Establish SAs with RVS with BLIND, then securely send a packet with raw HITs as a HIP option. The raw HIT info is deleted at RVS on forwarding. [Diagram: A, B, F, RVS; Blinded Channel; BHIT[B]+HIT[B]; BHIT[B].]

19 Mobility support by Forwarding Agents. Use a temporary HIT for FA registration. Intra-FA handover: MN sends update message only to FA. MN is identified by the temporary HIT. This roaming is traced by FA and nodes in MN-FA. [Diagram: A, B, F.]

20 Inter-FA handover. The MN registers to another FA with a new temporary HIT after roaming. All identifiers are changed at once. There's possibly packet loss; expects retransmission in upper layers. [Diagram: A, B, F1, F2, RVS. Labels: "AHIT(A) IP(A)", "THIT(A) IP(A) SPI", "IP(A) THIT(A)", "THIT(A) IP(A) SPI", "update".]

21 Single Points of Failure. There may be some extensions for robustness. Forwarding Agents: multiplexing. Rendezvous Server: DHT-based.

22 Collusion. If CN and FA collude, MN's ID and location can be combined. When some incident happens, police can inspect MN's location.

23 Implementation and evaluation are ongoing.

24 We proposed the Mobile BLIND Framework. Achievement: anonymity against eavesdroppers; conceal location from correspondents; movement transparency. Extensions to BLIND: Blind Rendezvous Mechanism; mobility support by extended Forwarding Agents.
