Improvement of Return Routability Protocol
draft-qiu-mip6-RR-improvement-00.txt
Institute for Infocomm Research, Singapore
Outline
• Three attacks on RR.
• Our Improvement to RR.
Traffic Permutation Attacks
[Figure: MN1, MN2, MN3, CN / Server, Intruder]
Intruder:
• Collect HoTs and CoTs at the server edge
• Randomly form Kbu
• Send BU to CN
• Random redirection
Session Hijacking Attacks
[Figure: MN1, CN, MN2, Intruder, HA; messages: HoT_MN1, FWD HoT_MN1, CoTI_MN2 / CoT_MN2]
Intruder:
• Get HoT_MN1
• MN2 sends its own CoTI_MN2 and gets CoT_MN2
• MN2 poses as MN1
Movement Halting Attacks
[Figure: CN / Server, CoA, CoA', Intruder; messages: CoT_old, HoT_new, HoT', CoT]
Intruder:
• Get old CoT
• Get new HoT'
• Form valid Kbu
• Redirect to old CoA
The Improvement
• HoA and CoA are bound together
HoTI = {HoA, CNA, CoA, HomeInitCookie}
CoTI = {CoA, CNA, HoA, CareInitCookie}
HomeKeygenToken = HMAC_SHA1(Kcn, (HoA|Nj|CoA|0))
CareKeygenToken = HMAC_SHA1(Kcn, (CoA|Ni|HoA|1))
Advantages:
• Prevent the 3 attacks
• No additional cost
• No change of RR protocol architecture
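Added example, not taken from the draft or the slides: a correspondent-node check showing why binding HoA and CoA into both keygen tokens rejects a Binding Update built from a HoT issued for MN1 and a CoT issued for MN2. Assumptions: tokens are truncated to 64 bits and Kbu = SHA1(home token | care-of token), following how RFC 3775 defines Kbm; Kcn, nonces, addresses and all function names are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress

KCN = b"K" * 20                                   # constructed CN secret
NJ = b"\x00" * 7 + b"\x01"                        # constructed home nonce Nj
NI = b"\x00" * 7 + b"\x02"                        # constructed care-of nonce Ni
MN1 = ("2001:db8:1::1", "2001:db8:a::1")          # (HoA, CoA), constructed
MN2 = ("2001:db8:2::2", "2001:db8:b::2")          # (HoA, CoA), constructed


def token(first, nonce, second, tag, bound):
    """bound=False: HMAC_SHA1(Kcn, first|nonce|tag), the original RR token.
    bound=True:  HMAC_SHA1(Kcn, first|nonce|second|tag), as on the slide."""
    msg = ipaddress.IPv6Address(first).packed + nonce
    if bound:
        msg += ipaddress.IPv6Address(second).packed
    msg += bytes([tag])
    # Assumption: 64-bit truncation, as RFC 3775 does for keygen tokens.
    return hmac.new(KCN, msg, hashlib.sha1).digest()[:8]


def kbu(home_token, care_token):
    # Assumption: key derivation mirrors RFC 3775's Kbm.
    return hashlib.sha1(home_token + care_token).digest()


def bu_accepted(hoa, coa, home_token, care_token, bound):
    """CN recomputes both tokens from the addresses named in the BU."""
    expected = kbu(token(hoa, NJ, coa, 0, bound), token(coa, NI, hoa, 1, bound))
    return hmac.compare_digest(kbu(home_token, care_token), expected)


def legitimate(bound):
    """MN1 binds its own HoA to its own CoA."""
    hoa, coa = MN1
    return bu_accepted(hoa, coa, token(hoa, NJ, coa, 0, bound),
                       token(coa, NI, hoa, 1, bound), bound)


def mixed(bound):
    """HoT issued for MN1 combined with CoT issued for MN2 (hijacking slide)."""
    hot_mn1 = token(MN1[0], NJ, MN1[1], 0, bound)
    cot_mn2 = token(MN2[1], NI, MN2[0], 1, bound)
    return bu_accepted(MN1[0], MN2[1], hot_mn1, cot_mn2, bound)


if __name__ == "__main__":
    for bound in (False, True):
        print(f"bound={bound}: legitimate={legitimate(bound)} mixed={mixed(bound)}")
```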
Thank You!