Affiliations: Department of Information Security, Mokpo National
University, Korea | IMARA Team, INRIA, Paris, France
Note: [] Corresponding author: Jong-Hyouk Lee, IMARA Team, Bt. 07, INRIA
Paris – Rocquencourt, Domaine de Voluceau Rocquencourt, B.P. 105, 78153, Le
Chesnay Cedex, France. Tel.: +33 1 39 63 59 30; E-mail: jong-hyouk.lee@inria.fr
Abstract: Wireless communication service providers have been showing strong
interest in Proxy Mobile IPv6 for providing network-based IP mobility
management. This could be a prominent way to support IP mobility to mobile
nodes, because Proxy Mobile IPv6 requires minimal functionalities on the mobile
node. While several extensions for Proxy Mobile IPv6 are being developed in the
Internet Engineering Task Force, there has been little attentions paid to
developing efficient authentication mechanisms. An authentication scheme for a
mobility protocol must protect signaling messages against various security
threats, e.g., session stealing attack, intercept attack by redirection, replay
attack, and key exposure, while minimizing authentication latency. In this
paper, we propose a Diffie-Hellman key based authentication scheme that
utilizes the low layer signaling to exchange Diffie-Hellman variables and
allows mobility service provisioning entities to exchange mobile node's profile
and ongoing sessions securely. By utilizing the low layer signaling and context
transfer between relevant nodes, the proposed authentication scheme minimizes
authentication latency when the mobile node moves across different networks. In
addition, thanks to the use of the Diffie-Hellman key agreement,
pre-established security associations between mobility service provisioning
entities are not required in the proposed authentication scheme so that network
scalability in an operationally efficient manner is ensured. To ascertain its
feasibility, security analysis and performance analysis are presented.