Download presentation
Presentation is loading. Please wait.
Published byJemima Stanley Modified over 8 years ago
1
Mobile IPv6 Location Privacy Solutions draft-irtf-mobopts-location-privacy-solutions-01.txt Ying Qiu, Fan Zhao, Rajeev Koodli
2
Mobopts, IETF65, Dallas2 Outline Analysis of Location Privacy in MIP6 Hiding Mobile Node's Location Movement Information –Pseudo Home Address –Hiding HoA in Home Binding Update procedure –Hiding HoA in RR procedure –Traffic Packets between MN and CN in RO mode –Hiding CoA via Reverse Tunneling Mode Location Privacy with Unmodified RR Signaling –Route-Optimized Binding Update to CN –Reverse-tunneled Binding Update to CN
3
Mobopts, IETF65, Dallas3 Analysis of Location Privacy in MIP6 Current MIP6 specification doesn’t consider location privacy Both CoA and HoA are visible to onlookers in the following messages: –Home Binding Update and Acknowledgement –Correspondent Binding Update and Acknowledgement –Prefix Discovery –Data packets between MN and CN in the RO mode HoA is visible in the HoTI/HoT message on the HA-CN path. In RO mode, CoA can’t be hidden from CN. In RT mode, CoA can be hidden from CN and onlooker.
4
Mobopts, IETF65, Dallas4 Hiding Mobile Node's Location Movement Information (1) Pseudo Home Address –Not to reveal the real Home Address –Use some other field to substitute the real HoA –The field must be communicated securely –The field itself must not become a target of profiling –The field is recovered from the real HoA by the HA and CN Pseudo_HoA = HMAC_SHA1(Kph, Previous Pseudo_HoA)) where, Kph is the symmetric key between MN and HA
5
Mobopts, IETF65, Dallas5 Hiding Mobile Node's Location Movement Information (2) Hiding HoA in Home Binding Update Procedure(i) BU message: IPv6 header source = CoA destination = HA Destination option header Home Address option (Pseudo_HoA) ESP header in transport mode Mobility header Home Binding Update Alternative CoA option (CoA)
6
Mobopts, IETF65, Dallas6 Hiding Mobile Node's Location Movement Information (3) Hiding HoA in Home Binding Update Procedure (ii) BA message: IPv6 header source = HA destination = CoA Destination option header Home Address option (Pseudo_HoA) ESP header in transport mode Mobility header Home Binding Acknowledgement
7
Mobopts, IETF65, Dallas7 Hiding Mobile Node's Location Movement Information (4) Hiding HoA in RO mode (i) HoTI in MN-HA path: IPv6 header source = CoA destination = HA ESP header in tunneling mode IPv6 header source = HoA destination = CN Mobility header HoTI HoTI in HA-CN path: IPv6 header source = HA destination = CN Destination option Pseudo_HoA Mobility header HoTI
8
Mobopts, IETF65, Dallas8 Hiding Mobile Node's Location Movement Information (4) Hiding HoA in RO mode (ii) HoT in CN-HA path: IPv6 header source = CN destination = HA Destination option Pseudo_HoA Mobility header HoT HoT in HA-MN path: IPv6 header source = HA destination = CoA ESP header in tunneling mode IPv6 header source = CN destination = HoA Mobility header HoT
9
Mobopts, IETF65, Dallas9 Hiding Mobile Node's Location Movement Information (5) Hiding HoA in RO mode (iii) Correspondent Binding Update: –CoTI/CoT no change –BU message IPv6 header source = CoA destination = CN Destination option E(Kbm, Pseudo_HoA);a) hide the relationship between CoA and Pseudo_HoA b) recoverable by CN Mobility header BU=(Pseudo_HoA, home nonce index,...) –where Kbm = SHA1 (home keygen token | care-of keygen token) ; no change home keygen token = First (64, HMAC_SHA1(Kcn, (Pseudo_HoA | nonce | 0))) care-of keygen token = First (64, HMAC_SHA1(Kcn, (CoA | nonce | 1))); no change
10
Mobopts, IETF65, Dallas10 Hiding Mobile Node's Location Movement Information (6) Hiding HoA in RO mode (iv) Traffic Packets between MN and CN : –Packets from MN to CN: IPv6 header source = CoA destination = CN Destination option Pseudo_HoA Payload –Packets from CN to MN: IPv6 header source = CN destination = CoA Routing Header Pseudo_HoA Payload
11
Mobopts, IETF65, Dallas11 Hiding Mobile Node's Location Movement Information (7) Hiding CoA via Reverse Tunneling Mode To hide its CoA from the CN and its HoA from an onlooker, the data packets between MN and CN traffic through HA in reverse tunneling mode. (modified according to Vijay comments) In path MN-HA: IPv6 header source = CoA destination = HA ESP header in tunnel mode IPv6 header source = HoA destination = CN Payload In path HA-CN: IPv6 header source = HoA destination = CN Payload In path CN-HA: IPv6 header source = CN destination = HoA Payload In path HA-MN: IPv6 header source = HA destination = CoA ESP header in tunnel mode IPv6 header source = CN destination = HoA Payload
12
Mobopts, IETF65, Dallas12 Hiding Mobile Node's Location Movement Information (8) The increment of Sequence Numbers seq#_increment = First(8, HMAC_SHA1(Kbm, home nonce index | care nonce index)); Seq# = previous Seq# + seq#_increment. If seq#_increment = 0, then seq#_increment = 1. If new Seq# > 2 16 -1, new Seq# = 2 16 -1.
13
Mobopts, IETF65, Dallas13 Location Privacy with Unmodified RR Signaling (1) Brief Idea –both CN and MN derive a shared privacy management key, Kpm, from the keygen tokens achieved in the home address and care-of address test procedures; –afterwards, MN uses Kpm to hide its home address in the Binding Update to CN; –finally CN authenticates the received Binding Update and restores the MN'S home address therein.
14
Mobopts, IETF65, Dallas14 Location Privacy with Unmodified RR Signaling (2) Route-Optimized Binding Update to CN (1) –make the home address invisible to onlookers by replacing the real HoA with a Pseudo HoA –CN generates after getting HoTI Privacy_Keygen_Token = First (64, Kcn(HoA set to all zeros | nonce | 0)) –MN computes after getting HoT Kpm = SHA1 (Privacy_Keygen_Token | care-of keygen token) and Pseudo_Home_Address = String XOR HoA where, String = First (128, HMAC_SHA1 (Kpm, (CoA | Home Nonce Index | Care-of Nonce Index)))
15
Mobopts, IETF65, Dallas15 Location Privacy with Unmodified RR Signaling (3) Route-Optimized Binding Update to CN (2) –CN compute Kpm when receives a BU with Pseudo_HoA. –The computation is similar to how it would compute Kbm, except that the Privacy Keygen Token is computed with HoA set to all zeros. –CN computes the String and recovers the HoA with Kpm. –CN compute the home keygen token, the Kbm, and verify the MAC for the Binding Update. –If Binding Update processing is successful, the Pseudo Home Address is considered valid. –CN then stores the nonce indices, and the Kbm itself. –CN sends a normal Binding Acknowledgment to the MN. –The String is computed once by both the MN and the CN, and hence the Pseudo Home Address as computed above remains constant, until one of the address cookies expires or the MN undergoes a handover.
16
Mobopts, IETF65, Dallas16 Location Privacy with Unmodified RR Signaling (4) Reverse-tunneled Binding Update to CN –MN may send the BU not directly to CN, but via HA IPv6 header source = CoA destination = HA ESP header in tunneling mode IPv6 header source = HoA destination = CN Mobility header BU Alternate Care-of Address option (care-of address) –CN, after getting the BU, computes the Kbm first. –verifies the MAC for the Binding Update –recovers the HoA from the Pseudo HoA, then verifies if it is actually the HoA present in the source IP address.
17
Q & A Thank You
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.