Handover Keys Using AAA (draft-vidya-mipshop-handover-keys-aaa-03.txt)

Slides:



Advertisements
Similar presentations
Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.
Advertisements

IETF 71: NETLMM Working Group – Proxy Mobile IPv6 1 Proxy Mobile IPv6 111 draft-ietf-netlmm-proxymip6-11.txt IETF 71: NETLMM Working Group – Proxy Mobile.
MIP Extensions: FMIP & HMIP
Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.
Fast handovers for PMIPv6 Hidetoshi Yokota KDDI Lab Kuntal Chowdhury Starent Networks Rajeev Koodli Nokia Siemens Networks Basavaraj Patil Nokia Siemens.
Dean Cheng Jouni Korhonen Mehamed Boucadair
Dean Cheng Jouni Korhonen Mehamed Boucadair
1 RADIUS Mobile IPv6 Support draft-ietf-mip6-radius-01.txt Kuntal Chowdhury Avi Lior Hannes Tschofenig.
August 2, 2005draft-vidya-mipshop-fast-handover-aaa-00 Handover Keys using AAA (draft-vidya-mipshop-fast-handover-aaa-00.txt) Vidya Narayanan Narayanan.
Transient BCE for Proxy Mobile IPv6 draft-ietf-mipshop-transient-bce-pmipv6-00.txt Oliver Marco
1 NetLMM Vidya Narayanan Jonne Soininen
6lowpan ND Optimization draft Update Samita Chakrabarti Erik Nordmark IETF 69, 2007 draft-chakrabarti-6lowpan-ipv6-nd-03.txt.
Overview of draft–16 for MIPv6 MIPv6 Design Team March 19 th, 2002.
July 2007 CAPWAP Protocol Specification Editors' Report July 2007
RFC 4068bis draft-ietf-mipshop-fmipv6-rfc4068bis-01.txt Rajeev Koodli.
Multiple Care-of Address Registration draft-ietf-monami6-multiplecoa-02.txt.
MIP6 RADIUS IETF-72 Update draft-ietf-mip6-radius-05.txt A. LiorBridgewater Systems K. ChowdhuryStarent Networks H. Tschofenig Nokia Siemens Networks.
Draft-ietf-ccamp-lmp-02.txt Link Management Protocol (LMP) LMP draft updates…  draft-ietf-ccamp-lmp-07.txt  draft-ietf-ccamp-lmp-wdm-01.txt  draft-ietf-ccamp-lmp-test-sonet-sdh-00.txt.
Doc.: IEEE /2179r0 Submission July 2007 Steve Emeott, MotorolaSlide 1 Summary of Updates to MSA Overview and MKD Functionality Text Date:
CAPWAP Threat Analysis
Georg Carle, Sebastian Zander, Tanja Zseby
IEEE MEDIA INDEPENDENT HANDOVER
Network –based fast handovers for local mobility (NFLM)
Distributing a Symmetric FMIPv6 Handover Key using SEND
Thomas C. Schmidt HAW Hamburg
Open issues with PANA Protocol
PANA in DSL networks draft-morand-pana-panaoverdsl-01.txt
PANA Discussion and Open Issues (draft-ietf-pana-pana-01.txt)
Network Based Connectivity and Mobility Management for IPv4 draft-chowdhury-netmip4-00.txt Kuntal Chowdhury IETF-65.
Mobile IPv6 Fast Handovers for 3G CDMA Networks
PANA Issues and Resolutions
Handover Keys using AAA (draft-vidya-mipshop-fast-handover-aaa-01.txt)
AAA and AAAS URI Miguel A. Garcia draft-garcia-dime-aaa-uri-00.txt
Carrying Location Objects in RADIUS
for IP Mobility Protocols
Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.
Fast Handover for Multicast in Proxy Mobile IPv6
Topic #1 & #5 “All that has to do with header formats”
ERP extension for EAP Early-authentication Protocol (EEP)
Discussions on FILS Authentication
draft-ietf-geopriv-lbyr-requirements-02 status update
IETF67 B. Patil, Gopal D., S. Gundavelli, K. Chowdhury
CARD Designteam A. Singh, D. Funato, H. Chaskar, M. Liebsch
IEEE MEDIA INDEPENDENT HANDOVER
IETF Liaison Report November 2003 Dorothy Stanley – Agere Systems
Charles Clancy Katrin Hoeper IETF 73 Minneapolis, USA 17 November 2008
draft-ipdvb-sec-01.txt ULE Security Requirements
IETF Liaison Report May 2004 Dorothy Stanley – Agere Systems
OSPF WG Status IETF 98, Chicago
STIR WG IETF-99 PASSPorT Extension for Resource-Priority Authorization (draft-ietf-stir-rph-00) July, 2017 Ray P. Singh, Martin Dolly, Subir Das, and An.
Overview of Changes to Key Holder Frame Formats
IEEE MEDIA INDEPENDENT HANDOVER DCN:
IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: IETF Liaison Report Date Submitted: March 18, 2010 Presented at IEEE session.
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
IEEE MEDIA INDEPENDENT HANDOVER DCN:
PMIP6 extensions for inter-access handovers and flow mobility
Security Activities in IETF in support of Mobile IP
PAA-2-EP protocol PANA wg - IETF 58 Minneapolis
IEEE MEDIA INDEPENDENT HANDOVER DCN:
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
Mobility Support in Wireless LAN
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
Overview of Improvements to Key Holder Protocols
IEEE MEDIA INDEPENDENT HANDOVER DCN:
Overview of Improvements to Key Holder Protocols
BPSec: AD Review Comments and Responses
IEEE MEDIA INDEPENDENT HANDOVER
IEEE MEDIA INDEPENDENT HANDOVER DCN: sec
Qin Wu Zhen Cao Yang Shi Baohong He
IETF Liaison Report January 2004 Dorothy Stanley – Agere Systems
Presentation transcript:

Handover Keys Using AAA (draft-vidya-mipshop-handover-keys-aaa-03.txt) vidyan@qualcomm.com narayanan.venkitaraman@motorola.com gerardo.giaretta@telecomitalia.it hannes.tschofenig@siemens.com julien.bournelle@int-evry.fr

Changes since Dallas Two reviews received (official MOBDIR and unofficial SECDIR) and comments incorporated Summary of changes: Replay protection mechanism using timestamps alone Sequence number field removed; no need for both sequence number and timestamps Timestamp allows stateless AAA server function Error codes streamlined Fixed IANA section Defined PRF Message summary added for clarification MAC Option to be pulled into RFC4068bis Draft will be revised after update of 4068bis Technical work is mostly complete Extensive reviews received Appendices to be submitted as RADEXT and DIME documents Satisfied all criteria for adoption as WG document Adoption?

Backup Slides

Example Topology AP2.1 MN AP2.2 AR2 AAAH Server AP1.1 AR1 MN AP1.2

Protocol Overview AAA Server MN AR1 AR2 HKReq RADIUS Access Request HMK Generated HMK Generated HKReq ([MN ID, Msg ID, Seq #, MN Nonce], MN-AAA MAC) RADIUS Access Request ([HKReq, NAS IP], AR-AAA MAC) Validate MAC Generate HK1 RADIUS Access Accept ([AAA Nonce, Lifetime] AAA-MN MAC, [HK1], ARn-AAA Key) HKResp Decrypt HK1 Generate HK1 ([AAA Nonce, Lifetime] AAA-MN MAC) MN Handoff To AR2 FNA([FBU], HK1) [FBU], HK1 Validate FBU FBAck FBAck

Draft Goals Establish a handover key between MN and AR to secure FBU/FBAck Simple, single roundtrip protocol

Draft Status No current open issues Previous discussion – CoA validation prior to handover key derivation Discussion on how to update the draft and move forward

IP Address Validation Strictly in the context of FMIP Purpose – validate the CoA of the MN while deriving the handover key

IP Address Validation Mechanisms Controlled networks may have their own means of IP address validation On links such as PPP, IPv6CP can provide tight control over IP address assignment Some technologies would allow binding of L2 credentials to IP addresses at the time of network access Other more definitive methods also possible Consensus on providing guidance in the security considerations section

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.