• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.5
• /
• pp.25-34
• /
• 2006

Previous binding update protocols for Mobile IPv6 repeats the same protocol each time a mobile node moves to a foreign link Moreover, mobile nodes repeats the same protocol whenever the lifetime of the current binding update expires. To improve the efficiency of binding updates, we Propose a ticket-based binding update protocol for MIPv6. Our protocol minimizes the binding update cost using a ticket issued by the corresponding node. We have analyzed our protocol security against the security requirements of MIPv6 and existing attacks. Furthermore, we have also compared our protocol against previous binding update protocols.

• The KIPS Transactions:PartC
• /
• v.13C no.3 s.106
• /
• pp.267-274
• /
• 2006

The process of binding update for the routing optimization in MIPv6 can make the involved MN (Mobile Node) and CN(Correspondent Node) vulnerable to various attacks. Therefore, securing binding update process becomes an important research issue in the MIPv6, and several secure binding update protocols have been proposed. In this paper, we compare several existing binding update protocols, and analyze the vulnerability of MNs and CNs to the possible attacks and the management overhead of the SUCV(Statistic Uniqueness and Cryptographic Verifiability) which is considered to be superior to other protocols. Then, we propose an advanced protocol to resolve above drawbacks. Through the detailed analysis, we show that our protocol can reduce the computational overhead of MN, enable better management, and achieve a higher level of security against the redirect attacks, DoS(Denial of Service) attacks and brute force attacks, compared to SUCV.

• The Journal of Korean Association of Computer Education
• /
• v.10 no.5
• /
• pp.81-88
• /
• 2007

To support the movement of a mobile network consisting of several mobile nodes, the IETF NEMO working group proposed NEMO basic support protocol using bi-directional tunneling between the home agent and the mobile router. Since NEMO basic support protocol is based on bi-directional tunneling, all communications to and from mobile nodes are suffer from inefficient routing all the cases. To solve the routing inefficiency problem, several proposals are proposed. However, those proposals results in new problems, such as binding update storm and changes in existing protocol. Especially, binding update storm problem may cause the delay in binding update, this subsequently causes the difficulty for a real time service and the handoff delay on the movement of mobile network. In this paper, we propose a new binding update scheme which reduces binding update latency and the handoff delay through the distribution of the transmission time of binding update messages. The performance of the proposed scheme is also evaluated to demonstrate its efficiency. Simulation results show that the proposed scheme can efficiently reduce the binding update latency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.115-124
• /
• 2005

We propose a new binding update(BU) protocol between mobile node(CN) and correspondent node(CN) for the purpose of preventing redirect attacks and DoS attacks observed from the existing BU protocols and enhancing the efficiency of the BU protocol. Home agent plays a role of both authentication server validating BU message and session key distribution center for MN and CN. Also propose the stateless Diffie-Hellman key agreement based on cryptographically generated address (CGA). Suity of our proposed Protocol is analyzed and compared with other protocols. The proposed protocol is more efficient than previous schemes in terms of the number of message flows and computation overhead and is secure against both redirect and DoS attacks.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.10
• /
• pp.148-155
• /
• 2007

The routing optimization mode, which Mobile IPv6 provides for the direct communication between a mobile node and its correspond node, introduces various security threats, thus causing several protocols to be proposed for the secure binding update procedure. In particular, the Kang-Park protocol, which Kang and Park presented in 2005, achieves the optimized cryptographic operations and the strong security, while based on its unique security proxy structure. In spite of such advantages, it has some drawbacks in terms of security and efficiency. This paper improves the Kang-Park protocol through the strong CoA validation and early binding update methods. Also, we show that the improved protocol is better than others.

• Journal of Internet Computing and Services
• /
• v.8 no.4
• /
• pp.81-91
• /
• 2007

Binding update for the routing optimization in MIPv6 can make the involved nodes vulnerable to various attacks. Therefore, secure binding update becomes an important research issue in MIPv6, and several protocols have been proposed for this purpose. In this paper, we compare several existing binding update protocols such as RR, SUCV and OMIPv6 and analyze the vulnerability of nodes to the possible attacks and drawbacks of address management and scalability and overhead of encryption operations. Then, we suggest the design requirements for the secure binding update and propose an advanced protocol based on the design principle. Through the analysis, we show that our protocol can achieve a higher level of security against the various attacks and enable better management of address, provide the location privacy and reduce the computational overhead of mobile nodes with constraint computational power.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.9
• /
• pp.57-64
• /
• 2012

The existing protocols proposed in network mobility (NEMO) environment can require many computational costs and can bring about a delay of binding update. To solve these problems, in this paper we propose an authentication protocol supporting secure seamless handover in NEMO environment. The proposed protocol can handle quickly mutual authentication between a mobile router (MR) and an access router (AR), which uses group key among ARs and a master key (MK) issuing from key issuing server (KIS) for reducing the time of binding update as much as possible. In performance, the proposed protocol can process quickly binding update with little computational cost comparison with the existing binding update protocols and it results in robustness against existing attacks.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.605-612
• /
• 2004

In MIPv6, unauthenticated binding updates expose the involved MN and CN to various security attacks. Thus, protecting the binding update process becomes of paramount importance in the MIPv6, and several secure binding update protocols have been proposed. In this paper, we pro-pose a novel protocol for the secure binding updates in MIPv6, which can resolve the drawbacks of the Deng-Zhou-Bao's protocol ［2］, by adopt-ing Aura's CGA scheme with two hashes ［9］. Aura's scheme enables our protocol to achieve stronger security than other CGA-based protocols without a trusted CA, resulting in less cost of verifying the HA's public key than the Deng-Zhou-Bao's protocol. Through the comparison of our protocol with other protocols such as the Deng-Zhou-Bao's protocol, CAM-DH and SUCV, we show that our protocol can provide better performance and manageability in addition to stronger security than other approaches.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.6
• /
• pp.1519-1523
• /
• 2007

In this paper, we propose the fast and secure binding update protocol as handoff or handover in the micro and pico environment based on mobile IPv6. The nodes or routers on participating in this protocol generate their addresses from cryptographically generated addresses (CGAs) method unlike previous address generation method. The mobile node (MN) includes in home network or home link has limited power and computational abilities. So the home agent (HA) of the MN executes key agreement protocol with the correspondent node (CN) on behalf of the MN. The CN then creates a ticket on including session key, lifetime of ticket. and so on. It then transmits it to the MN via the HA of the MN. The ticket is used to communicate directly between the MN and its CN. In performance analysis, we analyze security of proposed binding update protocol under various attack scenarios and efficiency by comparing proposed protocol with prior binding update protocols. Finally we make a conclusion of this paper and present future works.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.755-762
• /
• 2003

For the route optimization in the MIPv6, MN(Mobile Node) sends CN(Correspondent Node) a binding update message to notify the binding of is HoA(Home Address) with its new CoA(Care-of Address). However, unautenticated binding updates expose the involved MN and CM to various sucurity attacks. Thus, protecting the binding update process becomes of paramount importance in the MIPv6, and several secure binding update protocols, and the performance of packet exchanges and cryptographic operations. Then, we analyze the four typical binding update protocols based on the presented criterions. In addition, we propose some improvement tips for secure binding updates.