Securing Binding Update in Mobile IPv6 Using Private Key Base Binding Update Protocol

TL;DR

This paper proposes a secure Private Key Based Binding Update protocol for Mobile IPv6 to protect against various security threats like false updates, MITM, and DoS attacks, improving upon existing insecure methods.

Contribution

It introduces a novel PKBU protocol that enhances security of binding updates in Mobile IPv6 using private key cryptography.

Findings

PKBU effectively prevents false binding updates.

PKBU mitigates man-in-the-middle attacks.

PKBU reduces susceptibility to DoS attacks.

Abstract

Mobile IPv6 control signalling messages generally act as informants to the home agent (HA) and the correspondent node (CN) regarding a mobile node's (MN's) new address when its network attachment point changes. Messages should be protected to avoid different security attacks. In the existing standard, control signalling messages between HA and MN are frequently authenticated with IKEv2 and X.509 certificates via IPSec. These signalling messages between MN and CN are so far protected by an effective but insecure protocol. A protocol that uses Binding Update Route Optimisation has security vulnerabilities that allow redirection of traffic by attackers. This traffic is intercepted and then false binding updates is sent along with packet eavesdropping and Denial of Service (DoS) that disrupts any communication. Due to lack of ineffective authentication procedures to ascertain the validity of the users or hide the location data of HoA and CoA, security issues mentioned above will occur. This paper presents some of existing protecting control signalling message protocols, as well as some proposed approaches for designing a secure method-based private key IP address between an MN and a CN. Using Private Key Based Binding Update (PKBU), care-of-address (CoA) can thus be protected against False Binding Update (FBU), Man-in-the-Middle (MITM) and Denial-of-Service (DoS) attacks.