1 / 17

Mobile IPv6 Location Privacy Solutions draft-irtf-mobopts-location-privacy-solutions-01.txt

Mobile IPv6 Location Privacy Solutions draft-irtf-mobopts-location-privacy-solutions-01.txt. Ying Qiu, Fan Zhao, Rajeev Koodli. Outline. Analysis of Location Privacy in MIP6 Hiding Mobile Node's Location Movement Information Pseudo Home Address Hiding HoA in Home Binding Update procedure

alanna
Télécharger la présentation

Mobile IPv6 Location Privacy Solutions draft-irtf-mobopts-location-privacy-solutions-01.txt

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Mobile IPv6 Location Privacy Solutionsdraft-irtf-mobopts-location-privacy-solutions-01.txt Ying Qiu, Fan Zhao, Rajeev Koodli

  2. Outline • Analysis of Location Privacy in MIP6 • Hiding Mobile Node's Location Movement Information • Pseudo Home Address • Hiding HoA in Home Binding Update procedure • Hiding HoA in RR procedure • Traffic Packets between MN and CN in RO mode • Hiding CoA via Reverse Tunneling Mode • Location Privacy with Unmodified RR Signaling • Route-Optimized Binding Update to CN • Reverse-tunneled Binding Update to CN Mobopts, IETF65, Dallas

  3. Analysis of Location Privacy in MIP6 • Current MIP6 specification doesn’t consider location privacy • Both CoA and HoA are visible to onlookers in the following messages: • Home Binding Update and Acknowledgement • Correspondent Binding Update and Acknowledgement • Prefix Discovery • Data packets between MN and CN in the RO mode • HoA is visible in the HoTI/HoT message on the HA-CN path. • In RO mode, CoA can’t be hidden from CN. • In RT mode, CoA can be hidden from CN and onlooker. Mobopts, IETF65, Dallas

  4. Hiding Mobile Node's Location Movement Information (1) Pseudo Home Address • Not to reveal the real Home Address • Use some other field to substitute the real HoA • The field must be communicated securely • The field itself must not become a target of profiling • The field is recovered from the real HoA by the HA and CN Pseudo_HoA = HMAC_SHA1(Kph, Previous Pseudo_HoA)) where, Kph is the symmetric key between MN and HA Mobopts, IETF65, Dallas

  5. Hiding Mobile Node's Location Movement Information (2) Hiding HoA in Home Binding Update Procedure(i) • BU message: IPv6 header source = CoA destination = HA Destination option header Home Address option (Pseudo_HoA) ESP header in transport mode Mobility header Home Binding Update Alternative CoA option (CoA) Mobopts, IETF65, Dallas

  6. Hiding Mobile Node's Location Movement Information (3) Hiding HoA in Home Binding Update Procedure (ii) • BA message: IPv6 header source = HA destination = CoA Destination option header Home Address option (Pseudo_HoA) ESP header in transport mode Mobility header Home Binding Acknowledgement Mobopts, IETF65, Dallas

  7. Hiding Mobile Node's Location Movement Information (4) Hiding HoA in RO mode (i) • HoTI in MN-HA path: IPv6 header source = CoA destination = HA ESP header in tunneling mode IPv6 header source = HoA destination = CN Mobility header HoTI • HoTI in HA-CN path: IPv6 header source = HA destination = CN Destination option Pseudo_HoA Mobility header HoTI Mobopts, IETF65, Dallas

  8. Hiding Mobile Node's Location Movement Information (4) Hiding HoA in RO mode (ii) • HoT in CN-HA path: IPv6 header source = CN destination = HA Destination option Pseudo_HoA Mobility header HoT • HoT in HA-MN path: IPv6 header source = HA destination = CoA ESP header in tunneling mode IPv6 header source = CN destination = HoA Mobility header HoT Mobopts, IETF65, Dallas

  9. Hiding Mobile Node's Location Movement Information (5) Hiding HoA in RO mode (iii) • Correspondent Binding Update: • CoTI/CoT no change • BU message IPv6 header source = CoA destination = CN Destination option E(Kbm, Pseudo_HoA); a) hide the relationship between CoA and Pseudo_HoA b) recoverable by CN Mobility header BU=(Pseudo_HoA, home nonce index, ...) • where • Kbm = SHA1 (home keygen token | care-of keygen token) ; no change • home keygen token = First (64, HMAC_SHA1(Kcn, (Pseudo_HoA | nonce | 0))) • care-of keygen token = First (64, HMAC_SHA1(Kcn, (CoA | nonce | 1))); no change Mobopts, IETF65, Dallas

  10. Hiding Mobile Node's Location Movement Information (6) Hiding HoA in RO mode (iv) • Traffic Packets between MN and CN: • Packets from MN to CN: IPv6 header source = CoA destination = CN Destination option Pseudo_HoA Payload • Packets from CN to MN: IPv6 header source = CN destination = CoA Routing Header Pseudo_HoA Payload Mobopts, IETF65, Dallas

  11. Hiding Mobile Node's Location Movement Information (7) Hiding CoA via Reverse Tunneling Mode • To hide its CoA from the CN and its HoA from an onlooker, the data packets between MN and CN traffic through HA in reverse tunneling mode. (modified according to Vijay comments) • In path MN-HA: • IPv6 header • source = CoA • destination = HA • ESP header in tunnel mode • IPv6 header • source = HoA • destination = CN • Payload • In path HA-CN: • IPv6 header • source = HoA • destination = CN • Payload • In path CN-HA: • IPv6 header • source = CN • destination = HoA • Payload • In path HA-MN: • IPv6 header • source = HA • destination = CoA • ESP header in tunnel mode • IPv6 header • source = CN • destination = HoA • Payload Mobopts, IETF65, Dallas

  12. Hiding Mobile Node's Location Movement Information (8) The increment of Sequence Numbers seq#_increment = First(8, HMAC_SHA1(Kbm, home nonce index | care nonce index)); Seq# = previous Seq# + seq#_increment. If seq#_increment = 0, then seq#_increment = 1. If new Seq# > 216-1, new Seq# = 216-1. Mobopts, IETF65, Dallas

  13. Location Privacy with Unmodified RR Signaling (1) Brief Idea • both CN and MN derive a shared privacy management key, Kpm, from the keygen tokens achieved in the home address and care-of address test procedures; • afterwards, MN uses Kpm to hide its home address in the Binding Update to CN; • finally CN authenticates the received Binding Update and restores the MN'S home address therein. Mobopts, IETF65, Dallas

  14. Location Privacy with Unmodified RR Signaling (2) Route-Optimized Binding Update to CN (1) • make the home address invisible to onlookers by replacing the real HoA with a Pseudo HoA • CN generates after getting HoTI Privacy_Keygen_Token = First (64, Kcn(HoA set to all zeros | nonce | 0)) • MN computes after getting HoT Kpm = SHA1 (Privacy_Keygen_Token | care-of keygen token) and Pseudo_Home_Address = String XOR HoA where, String = First (128, HMAC_SHA1 (Kpm, (CoA | Home Nonce Index | Care-of Nonce Index))) Mobopts, IETF65, Dallas

  15. Location Privacy with Unmodified RR Signaling (3) Route-Optimized Binding Update to CN (2) • CN compute Kpm when receives a BU with Pseudo_HoA. • The computation is similar to how it would compute Kbm, except that the Privacy Keygen Token is computed with HoA set to all zeros. • CN computes the String and recovers the HoA with Kpm. • CN compute the home keygen token, the Kbm, and verify the MAC for the Binding Update. • If Binding Update processing is successful, the Pseudo Home Address is considered valid. • CN then stores the nonce indices, and the Kbm itself. • CN sends a normal Binding Acknowledgment to the MN. • The String is computed once by both the MN and the CN, and hence the Pseudo Home Address as computed above remains constant, until one of the address cookies expires or the MN undergoes a handover. Mobopts, IETF65, Dallas

  16. Location Privacy with Unmodified RR Signaling (4) Reverse-tunneled Binding Update to CN • MN may send the BU not directly to CN, but via HA IPv6 header source = CoA destination = HA ESP header in tunneling mode IPv6 header source = HoA destination = CN Mobility header BU Alternate Care-of Address option (care-of address) • CN, after getting the BU, computes the Kbm first. • verifies the MAC for the Binding Update • recovers the HoA from the Pseudo HoA, then verifies if it is actually the HoA present in the source IP address. Mobopts, IETF65, Dallas

  17. Q & A Thank You

More Related