Name: draft-kempf-mobopts-handover-key-00
Title: Bootstrapping a Symmetric IPv6 Handover Key from SEND
State: Active
Authors: James Kempf
Group: Individual Submissions (none)
Date: 2004-06-18
Multiple IPv6 handover optimization protocols (for example, Fast Mobile
IPv6 and Context Transfer Protocol) require an Access Router to verify that
signaling received to perform an IP handover operation originated from a
Mobile Node having authorization to claim a particular address on the
Access Router's wireless subnet. In this document, a method for securing
such signaling is defined. The method utilizes a secret key sent from the
Access Router to the Mobile Node prior to handover, encrypted with an RSA
public key that the Mobile Node used to generate its Cryptographically
Generated Address. The ability of the Mobile Node to decrypt the secret key
verifies its possession of the private key corresponding to the public key
used to generate the address. This allows the Mobile Node to use the secret
key to sign and authorize signaling causing changes affecting traffic to
and from that address. The use of symmetric cryptography avoids the
time-consuming public key operation associated with using the RSA key
directly during performance-sensitive IP subnet handover.