Media-Independent Pre-Authentication (draft-ohba-mobopts-mpa-framework-01.txt) (draft-ohba-mobopts-mpa-implementation-01.txt) Ashutosh Dutta, Telcordia.


1 Media-Independent Pre-Authentication
(draft-ohba-mobopts-mpa-framework-01.txt)
(draft-ohba-mobopts-mpa-implementation-01.txt)
Ashutosh Dutta, Telcordia Technologies
Victor Fajardo, Yoshihiro Ohba, Kenichi Taniuchi, Toshiba America Research Inc.
Henning Schulzrinne, Columbia University
Prepared for IRTF MOBOPTS WG, August 4th, 63rd IETF, Paris

2 IRTF – 2 Problem Statement
• Existing mobility optimization mechanisms rely on signaling between access routers of different administrative domains
  – It is hard to assume an SA between access routers of different domains
  – There has been no solution for inter-domain handovers
  – Inter-domain handover can occur even for a mobile node with a single interface
• Existing mobility optimization mechanisms do not deal with heterogeneous handovers in which authorization characteristics are different before and after handovers and thus a fresh authentication and authorization needs to be performed
  – Heterogeneous handover can occur even for a mobile node with a single interface
• Existing mobility optimization mechanisms are tightly coupled with particular mobility management protocols
• All those problems above need to be solved without sacrificing handover performance

3 Overview of Media-independent Pre-Authentication (MPA)
• MPA is:
  – a mobile-assisted higher-layer authentication, authorization and handover scheme that is performed prior to establishing L2 connectivity to a network to which the mobile may move in the near future
• MPA provides a secure and seamless mobility optimization that works for
  – Inter-domain handover
  – Heterogeneous handover (single/multiple interface)
• MPA works with any mobility management protocol
  – MIP (v4, v6), SIPMM, HIP, etc.

4 MPA Overview
[Figure: MN moving from Domain X to Domain Y. Elements shown: Home Network, HA, CN, AA, CA, AR, MN. Labels: pre-authentication, pre-configuration, MN-CA key, MN-AR key, L2 handoff procedure, BU, proactive handover tunneling end procedure, tunneled data, data in old domain, data in new domain.]
Legend: CN: Correspondent Node; MN: Mobile Node; AA: Authentication Agent; CA: Configuration Agent; AR: Access Router
Data flows:
1. DATA[CN A(X)]
2. DATA [CN A(Y)] over proactive handover tunnel [AR A(X)]
3. DATA[CN A(Y)]

5 MPA-assisted Seamless Handoff (a deployment scenario)
[Figure: Mobile in Current Network 1, with Network 2, Network 3 and Network 4 reachable over the INTERNET. Elements shown: AR, AA, CA, MN-CA key, Information Server, CN, AP1, AP2, AP3. Labels: AP1 Coverage Area, AP 2 & 3 Coverage Area, CTN, TN.]
Legend: CTN – Candidate Target Networks; TN – Target Network

6 Changes from draft 00 to 01
• Split the original MPA document into two
  – Framework, Implementation
  – (draft-ohba-mobopts-mpa-framework-01.txt)
  – (draft-ohba-mobopts-mpa-implementation-01.txt)
• (draft-ohba-mobopts-mpa-framework-01.txt)
  – Ping-Pong Effect
  – Buffering
  – Bi-casting
  – Pre-authentication with multiple CTNs
• (draft-ohba-mobopts-mpa-implementation-01.txt)
  – New Experimental results
  – MIPv6 (Previously with SIP mobility management only)
    • With and w/o Route Optimization
  – Buffering at NAR
  – Layer 2 handover enhancement

7 Protocol Set for current MPA prototype
• Mobility Management Protocol: MIPv6, SIPM
• Information Service Scheme (802.21): XML/RDF
• Pre-authentication protocol: PANA
• Pre-configuration protocol: Stateless, PANA DHCP Relay, PANA
• Proactive handover tunneling protocol: IPsec, IP-in-IP
• Proactive handover tunnel management protocol: PANA
• Buffer Management Protocol: PANA
• Link-layer security: None

8 MPA Experiment with MIPv6
[Figure: experimental testbed. Elements shown: Network 1, Network 2, Network 3, Network 4, Network 5, Home Network, ITSUMO network, HA, CN, MN, PAR, NAR, R1, R2, AA, CA, PANA Agent, Buffer Agent, Information Server, Audio Application, Relay/Client Proxy, IP2, AP1 (Channel 6), AP2 (Channel 9), oPoA, nPoA. Label: Move.]
Legend: AP1, AP2: Access Point; R1: Previous Access Router; R2: New Access Router; MN: Mobile Node; CN: Correspondent Node; HA: Home Agent

9 MPA Experimental Results
Columns (Mobility Type and Handoff Parameters):
  MIPv6: Buffering Disabled + RO Disabled; Buffering Enabled + RO Disabled; Buffering Disabled + RO Enabled; Buffering Enabled + RO Enabled
  SIP Mobility: Buffering Disabled; Buffering Enabled
Rows (values in column order):
• L2 handoff (ms): 4.00, 4.33, 4.00, 5.00
• Avg. packet loss: 1.33, 0, 0.66, 0, 1.50, 0
• Avg. inter-packet interval (ms): 16.00
• Avg. inter-packet arrival time during handover (ms): n/a, 45.33, n/a, 66.60, n/a, 29.00
• Avg. packet jitter (ms): n/a, 29.33, n/a, 50.60, n/a, 13.00
• Buffering period (ms): n/a, 50.00, n/a, 50.00, n/a, 20.00
• Avg. Buffered Packets: n/a, 2.00, n/a, 3.00, n/a, 3.00

10 Conclusions
• MPA attempts to address the issues of inter-domain handover and heterogeneous handover
• MPA framework provides an optimized handover solution independent of mobility management protocol
• Implementation results of both MIPv6 and SIP-based mobility management
  – Zero packet loss (with buffering)
  – L2 delay ~ 4 ms
  – Jitter during handover (~ 20 – 50 ms) (with buffering)
• Pre-authentication for PANA is being accepted as work item of PANA WG

11 Future Work
• Network-initiated MPA
• Performance comparison with other Fast Mobility management protocol
• Integration of L2 security bootstrapping in the target network
• Choose or define appropriate protocol set for each building block

12 Future Work (Contd.)
• Do we need to solve the pre-authentication problem for inter-domain and heterogeneous handover?
• Include MPA framework as part of MOBOPTS work item?

13 Thank you!

14 Backup Slides

