MIPv6ed - Columbia University

Download Report

Transcript MIPv6ed - Columbia University

Mobile IPv6
for
Windows XP (.NET Server)
and
Windows CE 4.0
Greg O’Shea, MSRC
Joint with Lancaster University
And Ericsson Research
Contents
•
•
•
•
Background
Mobile IPv6
Demo
Security
Background
The Internet
• A network of networks
• Machines have 32-bit addresses comprising:
– Network Id: network of attachment
– Host: unique within network
•
•
•
•
Machines hear traffic local to their network
Routers forward packets between networks
Machines send to remote net via router
DNS provides name to address lookup
Why IPv6
• Initiative first started June 1992
– First draft published Jan 1996
• Initial response to concerns about IPv4
– Shortage of IPv4 32-bit addresses
– Size of IPv4 routing tables
• 128-bit address space
– 64-bit network prefix (hierarchic structure to assist routing)
– 64-bit Interface Id (~unique: e.g. derived from MAC address)
• IPv6 addresses are cheap and easily acquired
– Stateless address auto-configuration: router’s prefix plus IF-Id
– Duplicate Address Detection (DAD) is integral to protocol
MIPv6 Status
• 1 – still no RFC, IETF draft 15
– awaiting consensus on security (~8 proposals)
• 2 – IPv6 in XP-Pro (obscured) & .NET Server
• 3 – MIPv6 for Win2000 (based on MSR NT4 stack)
– Free download for research (src & bin)
• 4 – Mobile extensions to .NET Server stack
– Lancaster LandMARC project
• 5 – (M)IPv6 code to CE4.0 Core OS group
– Lancaster LandMARC project
• 6 – Proposed security protocol to IETF
– Joint with Ericsson Research
Mobile IPv6
Moving Between Networks Today
Reason why
Traditional IP address = (network + host-id)
– is bound to a specific network
– Connections break if node moves between nets
– Problem for mobile, wireless computers (future)
Solution: Mobile IPv6
• MIPv6 mobile node (MN) uses two addresses
– Home Address (HoA): well known / used by apps
– Care-of Address (CoA): forwarding address
•
•
•
•
•
IPv6 addresses: cheap and plentiful
Network connections survive movement
Mobile machines may use multiple link types
Transparent support for any IPv6-enabled app
NB: does not provide for IPv4 connections
Mobile on home net
Correspondent elsewhere on internet
Packets arrive on home net (normal)
Mobile node moves to foreign net
Mobile tells Home Agent its location
Packets still arrive on home net
Home agent forwards onto mobile
Tell correspondent the current net
So home agent can be bypassed
Demo
Demo : Logical network
Correspondent
Ethernet
Home Agent
Foreign Net
Token-ring
Internet
Test
Load
On
On
Line Battery
Smart Replace
Boost Battery Battery
Router
Home network
Home Net
Demo : Home Agent in router
Correspondent
Ethernet
Home Agent
Foreign Net
Token-ring
Internet
Test
Load
On
On
Line Battery
Smart Replace
Boost Battery Battery
Router
Home network
Home Net
Demo : Correspondent in router
Correspondent
Ethernet
Foreign Net
Home Agent
Token-ring
Internet
Test
Load
On
On
Line Battery
Smart Replace
Boost Battery Battery
Router
Home network
Home Net
Demo : one router suffices
Foreign Net
Correspondent
Home Agent
Token-ring
Internet
Test
Load
On
On
Line Battery
Smart Replace
Boost Battery Battery
Router
Home network
Home Net
Demo : small enough to carry
Correspondent
Home Agent
Foreign net
Router
Home network
Home Net
MIPv6 on CE4.0+ WebPad
MIPv6 on Outlook (pre-release)
Security
Attacks that exploit MIPv6
• Spoofed Binding Update
– Attacker knows or guesses the address to attack
• Secrecy and integrity
– Attacker redirect packet flows via itself
• Break packet flows (DoS)
– Redirect packet flow into black hole
• Amplification attack
– Send packet to X
– Asking X to send many packets to Y
– “dump your 100GB disk to this UDP port”
IETF draft (13) : use IPSec
•
•
•
•
•
V13 mandates IPsec AH on Binding Updates
Works, but too hard to configure and test
Doesn’t scale with manual key distribution
Doesn’t validate care-of address
Helps if administrator has:
–
–
–
–
network monitors attached
kernel debugger(s) installed on all machines
source code for IPv6 stack
program for configuring the program for
configuring IPSec
Elements of our protocol
• Cryptographically Generated Addresses
– Establish “ownership” of a Home Address
• Return routability tests for CoA and HoA
–
–
–
–
–
A sort of cookie exchange (low cost)
Test the addresses we are given by a MN
Does a packet sent to CoA get correct response?
Is MN reachable on HoA via its Home Agent?
Precursor to any expensive public-key operations
CAM: Childproof Authentication for
MIPv6
• Mobile node m chooses key pair (PKm,SKm)
• Mobile m chooses Home addr (IF-Id) Am = H(PKm, i)
– Int i used to resolve IPv6 address collisions
• Binding Update from m includes:
A’m, Ac, Am, PKm, i, {H(A’m, Ac, Am, Tm)}SKm
• Correspondent verifies Am = H(PKm, i) and the hash
from the Binding Update
• Use of PKm is uncertified, but says nothing about realworld identify
• Impostor cannot submit bogus BU without finding
(PK’, SK’) where H(PK’, i) = Am
– (which is hard)
References
• Childproof Authentication for Mobile IPv6
(CAM), Greg O’Shea and Michael Roe, ACM
Communications Review, April 2001.
• Authentication of Mobile IPv6 Binding Updates
and Acknowledgements, M. Roe, T. Aura, G.
O’Shea, J. Arkko, http://www.ietf.org/internetdrafts/draft-roe-mobileip-updateauth-01.txt
• MIPv6 BU Attacks and Defences, T.Aura and J.
Arkko, http://www.ietf.org/internet-drafts/draftaura-mipv6-BU-attacks-01.txt