Distributing a Symmetric FMIPv6 Handover Key using SEND
draft-kempf-mipshop-handover-key-00

Document Type Replaced Internet-Draft (individual)
Last updated 2008-03-03 (latest revision 2006-05-30)
Replaced by draft-ietf-mipshop-handover-key
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Reviews
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-mipshop-handover-key
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-kempf-mipshop-handover-key-00.txt

Abstract

Fast Mobile IPv6 requires that a Fast Binding Update is secured using a security association shared between an Access Router and a Mobile Node in order to avoid certain attacks. In this document, a method for distributing a shared key to secure this signaling is defined. The method utilizes the RSA public key that the Mobile Node used to generate its Cryptographically Generated Address in SEND. The RSA public key is used to encrypt a shared key sent from the Access Router to the Mobile Node prior to handover. The ability of the Mobile Node to decrypt the shared key verifies its possession of the private key corresponding to the CGA public key used to generate the address. This allows the Mobile Node to use the shared key to sign and authorize the routing changes triggered by the Fast Binding Update.

Authors

James Kempf (kempf@docomolabs-usa.com)
Rajeev Koodli (Rajeev.Koodli@gmail.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)