A Secure Mobile IP Authentication based on Identification Protocol

Authors: Doo Ho Choi, Hyungon Kim and Kyoil Jung

Presentation Transcript


  1. A Secure Mobile IP Authentication based on Identification Protocol
     Authors: Doo Ho Choi, Hyungon Kim and Kyoil Jung
     Source: International Symposium on Intelligent Signal Processing and Communication Systems 2004 (Proceedings of ISPACS 2004, 18-19 Nov. 2004), Page(s): 709 - 712
     Presenter: Jung-wen Lo (駱榮問)
     Date: 2005/12/22

  2. Introduction
     • Mobile IP
       • MN: Mobile Node
       • HA: Home Agent
       • FA: Foreign Agent
       • Vulnerable to replay attack => FA authenticates the identity of HA or MN in the registration process
     • Identification Protocol
       • A cryptographic protocol designed to allow one party to gain assurance that the identity of another is as declared
     [Figure labels: Correspondent node, Mobile node]

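  3. Identification Protocol using One-way function
     • Short term (One-time password)
     • Long-term
     Diagram 1 (parties: Alice, Bob)
       0. Secret key $k$; positive integer $t$; public key $pk = f^{t}(k)$
       1. $i$
       2. $w_i = f^{i}(k)$
       3. $f^{t-i}(w_i) \overset{?}{=} pk$
     Diagram 2 (parties: TTP, Prover, Verifier)
       0. Secret key $k$
       1. $i$
       2. $w_i = f^{i}(h(k, N))$, $N$ (nonce $N$)
       3. $N$
       4. $pk = f^{t}(h(k, N))$
       5. $f^{t-i}(w_i) \overset{?}{=} pk$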

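  4. Mobile IP Registration Protocol
     Parties (diagram columns): HA, MN, FA
       0. $N_{HA}$
          $M_1 = \{RRQ, N_{MN}, N_{HA}\}$
       1. $M_1, \langle M_1 \rangle_K$
       2. $M_1, \langle M_1 \rangle_K$
          Verify $N_{HA}$, $\langle M_1 \rangle_K$
          $M_2 = \{RRP, N_{MN}, N'_{HA}\}$
       3. $M_2, \langle M_2 \rangle_K$
       4. $M_2, \langle M_2 \rangle_K$
     Notation:
       • $M$: Message
       • RRQ: MIP Registration Request
       • RRP: MIP Registration Reply
       • $\langle M \rangle_K$: MAC value of Msg under key $K$
       • $K$: shared secret key between MN and HA
       • $N$: Nonce
     ※ Problem:
       • Replay attack - 1 & 3
       • Man-in-the-middle attack - FA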

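  5. Mobile IP Authentication Protocol based on Identification Protocol
     Parties (diagram columns): HA, CA, FA, MN
     Phases (diagram labels): Agent Advertisement; Mobile IP Authentication
     Messages:
       Adv, $i$ (random $0 < i < t$)
       0. $N_{HA}$
       1. $M_1, s, \langle M_1, s \rangle_K, I_i^{MN}$
       2. $M_1, s, \langle M_1, s \rangle_K, j, I_s^{FA}$
       3. $M_2, j, \langle M_2, j \rangle_K, I_j^{MN}$
       4. $M_2, j, \langle M_2, j \rangle_K$
     Computations and checks (diagram labels):
       • $I_i^{MN} = f^{i}(h(K, N_{HA}))$; random $0 < s < t$; $M_1 = \{RRQ, N_{MN}, N_{HA}\}$
       • Validate RFA: $f^{t-i}(I_i^{MN}) \overset{?}{=} pk$, with $pk = f^{t}(h(K, N_{HA}))$
       • $I_s^{FA} = f^{s}(h(K_{FA}, N_{HA}))$; random $0 < j < t$, $j \neq i$
       • Verify $N_{HA}$, $\langle M_1, s \rangle_K$
       • $N_{HA}$; $f^{t-s}(I_s^{FA}) \overset{?}{=} pk_{FA}$, with $pk_{FA} = f^{t}(h(K_{FA}, N_{HA}))$
       • $I_j^{MN} = f^{j}(h(K, N_{HA}))$; $M_2 = \{RRP, N_{MN}, N'_{HA}\}$
       • $f^{j-i}(I_i^{MN}) \overset{?}{=} I_j^{MN}$ or $f^{i-j}(I_j^{MN}) \overset{?}{=} I_i^{MN}$
       • $pk = f^{t}(h(K, N'_{HA}))$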

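  6. Comments
     • MN cannot authenticate FA
     • HA should record nonce
     Diagram 1 (parties: MN, FA, CA)
       1. $M_1, s, \langle M_1, s \rangle_K, I_i^{MN}, N$
          $N$
          $I_s = f^{s}(h(K_{FA}, N))$
          $I_t = f^{t}(h(K_{FA}, N))$
          $f^{t-s}(I_s) \overset{?}{=} I_t$
     Diagram 2 (parties: HA, MN, FA)
       0. $N_{HA}$, $E(N_{HA})$
       1. $M_1, s, \langle M_1, s \rangle_K, I_i^{MN}, E(N_{HA})$
       2. $M_1, s, \langle M_1, s \rangle_K, j, I_s^{FA}, E(N_{HA})$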
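
The hash-chain checks from slides 3 and 5, as an added example that is not part of the presentation or the paper: it computes $pk = f^{t}(h(K, N))$ and $I_i = f^{i}(h(K, N))$, runs the verifier's check $f^{t-i}(I_i) \overset{?}{=} pk$, and runs the cross-check between $I_i$ and $I_j$. Assumptions: SHA-256 stands in for $f$ and HMAC-SHA256 for $h$ (the slides name neither), and the key, nonces and $t = 16$ are constructed sample values.

```python
import hashlib
import hmac

T = 16  # chain length t; constructed value, the slides give no concrete t

def h(key, nonce):
    # h(K, N) from the slides; HMAC-SHA256 is an assumed instantiation
    return hmac.new(key, nonce, hashlib.sha256).digest()

def f_iter(value, n):
    # f^n(value); SHA-256 stands in for the one-way function f (assumption)
    if n < 0:
        raise ValueError("a one-way chain cannot be walked backwards")
    for _ in range(n):
        value = hashlib.sha256(value).digest()
    return value

def public_value(key, nonce, t=T):
    return f_iter(h(key, nonce), t)        # pk = f^t(h(K, N))

def identification_value(key, nonce, i):
    return f_iter(h(key, nonce), i)        # I_i = f^i(h(K, N))

def verify(w_i, i, pk, t=T):
    # Verifier's check f^(t-i)(w_i) ?= pk, with the index range from the slides
    if not 0 < i < t:
        return False
    return hmac.compare_digest(f_iter(w_i, t - i), pk)

def cross_check(val_i, i, val_j, j):
    # f^(j-i)(I_i) ?= I_j  or  f^(i-j)(I_j) ?= I_i, for j != i
    if i == j:
        return False
    lo, hi = (val_i, val_j) if i < j else (val_j, val_i)
    return hmac.compare_digest(f_iter(lo, abs(j - i)), hi)

def demo():
    key = b"constructed MN-HA key"          # constructed sample values
    old_nonce, new_nonce = b"nonce-0001", b"nonce-0002"
    pk = public_value(key, new_nonce)
    i5 = identification_value(key, new_nonce, 5)
    i9 = identification_value(key, new_nonce, 9)
    stale = identification_value(key, old_nonce, 5)  # captured under old nonce
    return {"fresh": verify(i5, 5, pk), "stale_nonce": verify(stale, 5, pk),
            "wrong_index": verify(i5, 6, pk), "cross": cross_check(i5, 5, i9, 9)}

if __name__ == "__main__":
    print(demo())
```

A value bound to an earlier nonce fails against a public value derived from the current nonce, which is why the verifier's view of the nonce has to be fresh for the check to reject replays.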
