• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6A
• /
• pp.75-83
• /
• 2008

In this paper, we design a user authentication method between domains when mobile node moves in AAA server based MIPv6 environment. Several papers proposed the user authentication method executing at AAA server in home domain via AAA server in visiting domain. In this paper we proposed the user authentication method using privilege certificates between domains.

• The KIPS Transactions:PartC
• /
• v.10C no.6
• /
• pp.755-762
• /
• 2003

For the route optimization in the MIPv6, MN(Mobile Node) sends CN(Correspondent Node) a binding update message to notify the binding of is HoA(Home Address) with its new CoA(Care-of Address). However, unautenticated binding updates expose the involved MN and CM to various sucurity attacks. Thus, protecting the binding update process becomes of paramount importance in the MIPv6, and several secure binding update protocols, and the performance of packet exchanges and cryptographic operations. Then, we analyze the four typical binding update protocols based on the presented criterions. In addition, we propose some improvement tips for secure binding updates.

• Journal of Convergence for Information Technology
• /
• v.9 no.6
• /
• pp.13-18
• /
• 2019

This paper proposes efficient and secure two-way authentication protocol for binding update messages between mobile devices and home agents / correspondent nodes in IoT and Mobile IPv6 (MIPv6) environments with limited computing power and resources. Based on the MIPv6 message exchange, the proposed protocol satisfies both the authentication and the public key exchange optimized for both sides of the communication with minimum modification. In the future, we will carry out a performance analysis study by implementing the proposed protocol in detail.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.5
• /
• pp.49-56
• /
• 2004

An Internet draft, named RR(Return Routability) protocol, proposed to IETF mobileip WG, in order to establish an optimal path to MN(Mobile Node) by securely sending the BU(Binding Update) message to CN(Correspondent Node). However, it has some problems with initiating the protocol by the MN: it causes to increases in communication load in the home network, to increases communication delay between MN and CN, and increases in communication load due to unnecessary message exchanges. To resolve the problems, this paper proposes an alternative scheme for the RR protocol in MIPv6. The proposed scheme is devised to start the protocol by HA on receiving the first packet from CN. It decreases the route optimization overhead by reducing the number of BU messages as well as the communication time. Beside these advantages, this scheme provides the same security grade as the original RR protocol.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.807-810
• /
• 2005

Constructed network test environment of wireless base for confidentiality guarantee of data and safe transmission that is transmited at Mobile node of Wireless Network environment in this paper. And, progressed research about IKEv2's Multiple-Key Exchange mechanism for efficient security transmission that use IPSec that is built-in to basis to IPv6 of Mobile environment. Have several key to single terminal to solve that is seam at hand off packet transmission process of Mobile Node in Wireless Network and Re-setting for Key and Re-exchange problem that happen frequently and studied technology that move. Key exchange protocol that is used for an experiment loads basically in MIPv6 and used IKEv2 protocol that is used for management and distribution of reliable encryption key between both end. Using network simulator of SSFNet(Scalable Simulation Framework Network Models) in this paper Key exchange delay value of IKEv2's security transmission analyzing comparison Performance measure and studied about problem and improvement way accordingly.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.10
• /
• pp.148-155
• /
• 2007

The routing optimization mode, which Mobile IPv6 provides for the direct communication between a mobile node and its correspond node, introduces various security threats, thus causing several protocols to be proposed for the secure binding update procedure. In particular, the Kang-Park protocol, which Kang and Park presented in 2005, achieves the optimized cryptographic operations and the strong security, while based on its unique security proxy structure. In spite of such advantages, it has some drawbacks in terms of security and efficiency. This paper improves the Kang-Park protocol through the strong CoA validation and early binding update methods. Also, we show that the improved protocol is better than others.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.82-85
• /
• 2005

In the MIPv6 network, when mobile nodes move into new newtwork, they need to find the new access router and points(AR/AP) for the newtwork. Unless they are not connected to authorized AR/APs, they can be exposed to a lot of attacks. In this paper we propose a protocol to authenticate AR/AR and MN each other. This protocol is based on the public key scheme which is used in the SEcure Neighbor Discovery(SEND) protocol.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.1039-1042
• /
• 2005

본 논문에서는 모바일 노드(mobile node, MN)와 대응노드(correspondent node, CN)사이의 바인딩 업데이트 (binding update, BU) 프로토콜에 대해 기존 프로토콜 및 BU메시지를 보호하기 위해 제안된 메커니즘에서 발견된 취약성과 결점을 살펴보고, 최근에 제안된 You-Cho의 프로토콜에 가할수 있는 보안 공격에 대해 알아본다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.5
• /
• pp.115-124
• /
• 2005

We propose a new binding update(BU) protocol between mobile node(CN) and correspondent node(CN) for the purpose of preventing redirect attacks and DoS attacks observed from the existing BU protocols and enhancing the efficiency of the BU protocol. Home agent plays a role of both authentication server validating BU message and session key distribution center for MN and CN. Also propose the stateless Diffie-Hellman key agreement based on cryptographically generated address (CGA). Suity of our proposed Protocol is analyzed and compared with other protocols. The proposed protocol is more efficient than previous schemes in terms of the number of message flows and computation overhead and is secure against both redirect and DoS attacks.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.605-612
• /
• 2004

In MIPv6, unauthenticated binding updates expose the involved MN and CN to various security attacks. Thus, protecting the binding update process becomes of paramount importance in the MIPv6, and several secure binding update protocols have been proposed. In this paper, we pro-pose a novel protocol for the secure binding updates in MIPv6, which can resolve the drawbacks of the Deng-Zhou-Bao's protocol ［2］, by adopt-ing Aura's CGA scheme with two hashes ［9］. Aura's scheme enables our protocol to achieve stronger security than other CGA-based protocols without a trusted CA, resulting in less cost of verifying the HA's public key than the Deng-Zhou-Bao's protocol. Through the comparison of our protocol with other protocols such as the Deng-Zhou-Bao's protocol, CAM-DH and SUCV, we show that our protocol can provide better performance and manageability in addition to stronger security than other approaches.