Distributing a Symmetric FMIPv6 Handover Key using SEND
draft-kempf-mipshop-handover-key-00
Document | Type |
Replaced Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | James Kempf , Rajeev Koodli | ||
Last updated | 2008-03-03 (Latest revision 2006-05-30) | ||
Replaced by | draft-ietf-mipshop-handover-key | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Reviews | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Replaced by draft-ietf-mipshop-handover-key | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
Fast Mobile IPv6 requires that a Fast Binding Update is secured using a security association shared between an Access Router and a Mobile Node in order to avoid certain attacks. In this document, a method for distributing a shared key to secure this signaling is defined. The method utilizes the RSA public key that the Mobile Node used to generate its Cryptographically Generated Address in SEND. The RSA public key is used to encrypt a shared key sent from the Access Router to the Mobile Node prior to handover. The ability of the Mobile Node to decrypt the shared key verifies its possession of the private key corresponding to the CGA public key used to generate the address. This allows the Mobile Node to use the shared key to sign and authorize the routing changes triggered by the Fast Binding Update.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)