MIPv6 Binding Update Protocol Secure Against Both Redirect and DoS Attacks

  • Hyun-Sun Kang
  • Chang-Seop Park
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3822)


We propose a new binding update (BU) protocol between mobile node (MN) and correspondent node (CN) for the purpose of preventing redirect attacks and DoS attacks observed from the existing BU protocols and enhancing the efficiency of the BU protocol. Home agent plays a role of both authentication server validating BU message and session key distribution center for MN and CN. Also proposed is stateless Diffie-Hellman key agreement based on cryptographically generated address (CGA). Security of our proposed protocol is analyzed and compared with other protocols.


Mobile Node Home Agent Correspondent Node Mobile IPv6 IPv6 Address 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Johnson, D., Perkins, C., Arkko, J.: Mobility Support in IPv6, RFC 3775 (June 2004)Google Scholar
  2. 2.
    Aura, T., Roe, M., Arkko, J.: Security of Internet Location Management. In: Proc. The 18th Annual Computer Security Applications Conference, Las Vegas (December 2002)Google Scholar
  3. 3.
    Aura, T.: Mobile IP Security. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2002. LNCS, vol. 2845, pp. 215–234. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Nikander, P., Arkko, J., Aura, T., Montenegro, G., Nordmark, E.: Mobile, I.P. version 6 Route Optimization Security Design Background, draft-ietf-mip6-ro-sec-02 (October 2004)Google Scholar
  5. 5.
    O’Shea, G., Roe, M.: Child-proof Authentication for MIPv6 (CAM). ACM Computer Communications Review 31(2) (July 2001)Google Scholar
  6. 6.
    Montenegro, G., Castelluccia, C.: Statistically Unique and Cryptographically Verifiable Identifiers and Addresses. In: Proc. ISOC Symposium on Network and Distributed System Security (NDSS 2002), San Diego (February 2002)Google Scholar
  7. 7.
    Aura, T.: Cryptographically Generated Addresses, RFC 3972 (March 2005)Google Scholar
  8. 8.
    Deng, R., Zhou, J., Bao, F.: Defending against Redirect Attacks in Mobile IP. In: Proc. The 9th ACM conference on Computer and communications security, Washington D.C, November 18-22 (2002)Google Scholar
  9. 9.
    You, I.-S., Cho, K.: A security proxy based protocol for authenticating the mobile iPv6 binding updates. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, pp. 167–174. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Soliman, S.: Mobile IPv6: Mobility in a Wireless Internet. Addison-Wesley, Reading (2004)Google Scholar
  11. 11.
    Arkko, J., Devarapalli, V.: F. Dupont, Using IPsec to Protect Mobile IPv6 Signaling between Mobile Nodes and Home Agents, RFC 3776 (June 2004)Google Scholar
  12. 12.
    Aura, T., Nikander, P., Leiwo, J.: DOS-resistant authentication with client puzzles. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols 2000. LNCS, vol. 2133, p. 170. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Hyun-Sun Kang
    • 1
  • Chang-Seop Park
    • 1
  1. 1.Department of Computer ScienceDankook UniversityChonan, ChoongnamRepublic of Korea

Personalised recommendations