1 / 5

Enhancing Mobile IP Security with AAA Framework: Keys and Protocols

This document outlines the integration of a new AAA security model into Mobile IP networks. It emphasizes the necessity of establishing secure associations between mobile nodes and home agents, as well as foreign agents, particularly under 3G requirements. Key features include the use of MN-NAI for identification, the separate nature of AAA from Mobile IP, and the introduction of new key reply subtypes. Furthermore, it discusses well-known algorithms, including MD5, for secure key computation and distribution, enhancing registration processes via Generalized Key Distribution extensions.

dai
Télécharger la présentation

Enhancing Mobile IP Security with AAA Framework: Keys and Protocols

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. AAA Registration Keys Charles E. Perkins/Nokia Research Pat R. Calhoun/Sun Microsystems

  2. Motivation and context • Using new AAA security model, mobile node has security only with AAAH • Mobile IP needs security ass’n between mobile node and home agent • 3G requirements document specify need for keys also with foreign agent • both with mobile node and with home agent

  3. More AAA details • Mobile node MAY use MN-NAI to identify itself • AAA is separate protocol from Mobile IP • Mobile IP extensions for AAA • AAA extensions for Mobile IP • Single Internet Traversal for initial registration

  4. Use of Generalized Key Distribution extensions • New Unsolicited MN-HA Key Reply subtype • New Unsolicited MN-FA Key Reply subtype • HA-FA could be handled within AAA without involvement from Mobile IP

  5. Well-known algorithms 3 & 4 • Mobile IP has a defined range (1-255) for SPIs that indicate well-known algorithms • e.g., RADIUS computation from Challenge draft • It is convenient and accepted today to use MD5 for encoding keys • AAA keys draft specifies two new MD5 well-known SPIs for simplicity • avoids SPI negotiation • SPI 3 for MD5 in prefix+suffix mode • SPI 4 for HMAC MD5 (RFC 2104)

More Related