1 / 6

Wireless Authentication Protocol for MIPv6 Status Update

This draft presents an authentication protocol for Mobile IPv6, detailing AAA server interactions, CoA acquisition, and MN-AAA/MN-HA authentication options. It supports BU/BA message authentication and emphasizes security measures. The update removes encryption for route optimization support and introduces a subtype for MN-AAA authentication. Identification option enhances replay protection with 64-bit implementation. Refinements needed for security considerations and clarification on authentication and identification option usage.

dugan
Download Presentation

Wireless Authentication Protocol for MIPv6 Status Update

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authentication option for MIPv6Status Updatedraft-ietf-mip6-auth-protocol-00.txt3rd August, 2004 Alpesh Patel Kent Leung Kuntal Chowdury Mohammad Khalil Hasseb Akthar

  2. Wireless Access Solution AAA Server IPv6 Network BTS AR HA Obtain a CoA BU with new Mobility Options (MN Identification option, MN-HA/MN-AAA Authentication option) AAA Auth Request AAA Reply BA with new Mobility Options (MN Identification option, MN-HA Authentication option) Data Session

  3. Changes from last version • Removed encryption of selective fields to support route optimization • Current version supports authentication of BU/BA messages only • Added subtype for MN-AAA authentication option

  4. MN-HA/AAA Authentication Option 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Subtype | SPI | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SPI | Authenticator . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Subtype * MN-HA authentication * MN-AAA authentication

  5. Identification Option 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Option Type | Option Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Identification: * Provide replay protection * 64-bits

  6. Next Steps • Need to refine the draft on the following aspects: • Add clarifying text in security considerations • Clarify usage of MN-AAA authentication option • Clarify the usage/details of the identification option

More Related