IP Address Location Privacy and Mobile IPv6 draft-koodli-mip6-location-privacy-00.txt draft-koodli-mip6-location-privacy-solutions-00.txt.

Slides:



Advertisements
Similar presentations
Security Issues In Mobile IP
Advertisements

Keiji Maekawa Graduate School of Informatics, Kyoto University Yasuo Okabe Academic Center for Computing and Media Studies, Kyoto University.
Mobile IPv6: An Overview Dr Martin Dunmore, Lancaster University.
IPv6 Mobility Support Henrik Petander
1 Introduction to Mobile IPv6 IIS5711: Mobile Computing Mobile Computing and Broadband Networking Laboratory CIS, NCTU.
Mobility Support in IPv6 Advanced Internet, 2004 Fall 8 November 2004 Sangheon Pack.
MIP Extensions: FMIP & HMIP
1Nokia Siemens Networks Presentation / Author / Date University of Twente On the Security of the Mobile IP Protocol Family Ulrike Meyer and Hannes Tschofenig.
Mobile IPv6 趨勢介紹 1. Mobile IP and its Variants Mobile IPv4 (MIPv4) – MIPv4 – Low-Latency Handover for MIPv4 (FMIPv4) – Regional Registration for MIPv4.
1 DSMIP6 Support QUALCOMM Inc. Jun Wang, George Cherian, Masa Shirota Notice.
A Seamless Handoff Approach of Mobile IP Protocol for Mobile Wireless Data Network. 資研一 黃明祥.
IPv4 and IPv6 Mobility Support Using MPLS and MP-BGP draft-berzin-malis-mpls-mobility-00 Oleg Berzin, Andy Malis {oleg.berzin,
Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-04 S. Thiruvengadam Hannes Tschofenig Franck Le Niklas Steinleitner.
1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.
Authentication In Mobile Internet Protocol version 6 Liu Ping Supervisor: professor Jorma Jormakka.
NISNet Winter School Finse Internet & Web Security Case Study 2: Mobile IPv6 security Dieter Gollmann Hamburg University of Technology
1 Route Optimization based on ND-Proxy for Mobile Nodes in IPv6 Mobile Networks Jaehoon Jeong, Kyeongjin Lee, Jungsoo Park, Hyoungjun Kim ETRI
Mobile IP Overview: Standard IP Standard IP Evolution of Mobile IP Evolution of Mobile IP How it works How it works Problems Assoc. with it Problems Assoc.
Mobile IP.
Protocol for Hiding Movement of Mobile Nodes in Mobile IPv6 draft-qiu-mip6-hiding-movement-00.txt F. BAO, R. DENG, J. Kempf, Y. QIU and J.Y ZHOU.
Mobile IP Performance Issues in Practice. Introduction What is Mobile IP? –Mobile IP is a technology that allows a "mobile node" (MN) to change its point.
Slide 1, Dr. Wolfgang Böhm, Mobile Internet, © Siemens AG 2001 Dr. Wolfgang Böhm Siemens AG, Mobile Internet Dr. Wolfgang.
Mobile IP Traversal Of NAT Devices By, Vivek Nemarugommula.
1 Chapter06 Mobile IP. 2 Outline What is the problem at the routing layer when Internet hosts move?! Can the problem be solved? What is the standard solution?
1 Utilizing Multiple Home Links on Mobile IPv6 Waseda University Hongbo Shi Shigeki Goto
Introducing Reliability and Load Balancing in Home Link of Mobile IPv6 based Networks Jahanzeb Faizan, Mohamed Khalil, and Hesham El-Rewini Parallel, Distributed,
National Institute Of Science & Technology Mobile IP Jiten Mishra (EC ) [1] MOBILE IP Under the guidance of Mr. N. Srinivasu By Jiten Mishra EC
1 MIPv6 CN-Targeted Location Privacy and Optimized Routing draft-weniger-mobopts-mip6-cnlocpriv-01 IETF #68, Prague, March 2007.
1 Sideseadmed (IRT0040) loeng 5/2010 Avo
NEtwork MObility (NEMO) Houcheng Lee. Main Idea NEMO works by moving the mobility functionality from Mobile IP mobile nodes to a mobile router. The router.
Mobile IPv6 Location Privacy Solutions UPDATE draft-irtf-mobopts-location-privacy-solutions-04.txt Ying Qiu, Fan Zhao, Rajeev Koodli.
49th IETF - San Diego - 1 Mobile Networks Support in IPv6 - Draft Update draft-ernst-mobileip-v6-01.txt - Thierry Ernst - MOTOROLA Labs Ludovic Bellier.
1 Julien Laganier MEXT WG, IETF-79, Nov Authorizing MIPv6 Binding Update with Cryptographically Generated Addresses
1 IETF 78: NETEXT Working Group IPSec/IKEv2 Access Link Support in Proxy Mobile IPv6 IPSec/IKEv2-based Access Link Support in Proxy Mobile IPv6 Sri Gundavelli.
Mobile IP Outline Intro to mobile IP Operation Problems with mobility.
1 Mobility Support in IPv6 (MIPv6) Chun-Chuan Yang Dept. Computer Science & Info. Eng. National Chi Nan University.
PMIPv6 Route Optimization Protocol draft-qin-mipshop-pmipro-00.txt Alice Qin Andy Huang Wenson Wu Behcet Sarikaya.
07/03/ nd IETF – Minneapolis Mobile IPv6 WG meeting PF_KEY Extension as an Interface between Mobile IPv6 and IPsec/IKE Shinta Sugimoto Francis Dupont.
Mobile IPv6 and Firewalls: Problem Statement Speaker: Jong-Ru Lin
Ασύρματες και Κινητές Επικοινωνίες Ενότητα # 10: Mobile Network Layer: Mobile IP Διδάσκων: Βασίλειος Σύρης Τμήμα: Πληροφορικής.
Mobile IPv6 with IKEv2 and revised IPsec architecture IETF 61
Overview of draft–16 for MIPv6 MIPv6 Design Team March 19 th, 2002.
Mobile IP Definition: Mobile IP is a standard communication protocol, defined to allow mobile device users to move from one IP network to another while.
MIPv6Security: Dimension Of Danger Unauthorized creation (or deletion) of the Binding Cache Entry (BCE).
Currently Open Issues in the MIPv6 Base RFC MIPv6 security design team.
1 Route Optimization and Location Privacy using Tunneling Agents (ROTA) draft-weniger-rota-01 Kilian Weniger, Takashi Aramaki IETF #64, Nov 2005.
Multiple Care-of Address Registration on Mobile IPv6 Ryuji Wakikawa Keisuke Uehara Thierry Ernst Keio University / WIDE.
Network Mobility (NEMO) Advanced Internet 2004 Fall
Click to edit Master title style Click to add subtitle © 2008 Wichorus Inc. All rights reserved. CONFIDENTIAL - DO NOT DISTRIBUTE rfc3775bis Issues November.
Multiple Care-of Address Registration draft-ietf-monami6-multiplecoa-02.txt.
RO without HA Georg Hampel, Thierry Klein draft-hampel-mext-ro-without-ha-00.txt.
Mobile IPv6 Location Privacy Solutions UPDATE draft-irtf-mobopts-location-privacy-solutions-04.txt Ying Qiu, Fan Zhao, Rajeev Koodli.
IP Address Location Privacy and Mobile IPv6: Problem Statement draft-irtf-mobopts-location-privacy-PS-00.txt Rajeev Koodli.
SECURITY THREATS ANALYSIS OF ROUTE OPTIMIZATION MECHANSIM IN MOBILE IPV6 BY Wafaa Al-Salihy.
Service Flows Distribution and Handoff Technique based on MIPv6 draft-liu-dmm-flows-distribution-and-handoff-00
Mobile IP THE 12 TH MEETING. Mobile IP  Incorporation of mobile users in the network.  Cellular system (e.g., GSM) started with mobility in mind. 
Mobile IPv6 Location Privacy Solutions draft-irtf-mobopts-location-privacy-solutions-01.txt Ying Qiu, Fan Zhao, Rajeev Koodli.
MOBILE IP & IP MICRO-MOBILITY SUPPORT Presented by Maheshwarnath Behary Assisted by Vishwanee Raghoonundun Koti Choudary MSc Computer Networks Middlesex.
RFC 3775 IPv6 Mobility Support
Booting up on the Home Link
Route Optimization of Mobile IP over IPv4
Support for Flow bindings in MIPv6 and NEMO
Mobility Support in IPv6 (MIPv6)
Introduction to Wireless Networking
draft-jeyatharan-netext-pmip-partial-handoff-02
Mobile IP Presented by Team : Pegasus Kishore Reddy Yerramreddy Jagannatha Pochimireddy Sampath k Bavipati Spandana Nalluri Vandana Goyal.
Mobile IP Outline Homework #4 Solutions Intro to mobile IP Operation
Mobile IP Outline Intro to mobile IP Operation Problems with mobility.
Presentation transcript:

IP Address Location Privacy and Mobile IPv6 draft-koodli-mip6-location-privacy-00.txt draft-koodli-mip6-location-privacy-solutions-00.txt

Introduction Mobile IP defines two IP addresses Home Address (HoA) The MN’s fixed identifier Visible in all packets the MN uses whether on its home network or a visited network Care of Address (CoA) The MN’s routable address on a visited network Visible in all packets sent from the visited network

The problem Roaming problem: HoA on a visited network reveals user roaming to an on-looker CoA reveals user roaming to a correspondent Profiling problem: As with any IPv6 address, an HoA or a CoA can be profiled for activity

Profiling problem Care of Address: Can use privacy extensions to IPv6 (RFC 3041) Could introduce additional Mobile IPv6 signaling Home Address: Using RFC 3041 addresses introduces DNS and IPsec considerations: DNS: DNS update Mobility Option in BU Frequent updates (more than static HoA, and dynamic HoA) DNS TTL has to be small IPsec: Since the MN – HA SA is keyed on HoA, frequent re-keying is necessary Uses HoA as phase 2 identity (IKEv1) or Traffic-Selector- initiator (IKEv2)

Roaming Problem Knowledge of CoA to a correspondent Reverse-tunnel data packets Knowledge of HoA to an on-looker Reverse-tunneling: ESP tunnel between MN and HA carries all traffic including Binding Update and Binding Acknowledgment Route Optimization: Replace HoA with a Label in both Binding Update and data packets Packet formats in the solutions draft

Privacy Label Computation HoA should be recoverable from the Label Label should be computable without HoA, since HoA should not be visible in any route-optimized packets (including BU) sent from the MN to CN If BU is reverse-tunneled, the HoA is visible in the HA – CN path, but Label computation can include HoA If BU is sent route-optimized, HoA is not visible at all, but needs addition of a bit to the HOTI message

Label Computation Privacy Label = String XOR HoA String = First (128, HMAC_SHA1 (K pm, (CoA | Home Nonce Index | Care-of Nonce Index))) K pm = K bm for reverse-tunneled BU K pm = First (64, Kcn (HoA set to all zeros | nonce | 0))

Related Work draft-qiu-mip6-hiding-movement-00.txt draft-zhao-mip6-rr-ext-01.txt draft-dupont-mip6-privacyext-00.html Others?