Transcript Fast Handover Security ~ (Cont.)

Security on Fast Handover for
Proxy Mobile IPv6
2015. 6
Thunghai University
Assoc. Prof. Dr. Ilsun YOU
Korean Bible University
Table of Contents





Self Introduction
Summary of My Research Works
Research Plan
Research Collaborations
Q&A
1. Dr. Ilsun YOU
IET Fellow/ IEEE Senior Member
IFIP WG8.4 member
(http://ifip84.sba-research.org/)
Associate Professor
Dept. of Computer Software
Korea Bible University
* Joined department: March 2005

Education Background
◦ B.S., M.S, 1st Ph.D. from Dankook University
- Supervisor: Prof. Kyungsan CHO
◦ 2nd Ph.D. from Kyushu University, Japan
- Supervisor: Prof. Koichi SAKURAI
- supported by NRF-JSPS Ph.D. Dissertation Program

Work Experience (1997.3 ~ 2004.12: 7 years experience)
◦ Hanjo Engineering Co., Ltd. [GIS R&D]
◦ Internet Security Co., Ltd. [Internet Security R&D]
◦ THINmultimedia, Inc.[DRM Tech. R&D]
2. Summary of My Research Works

Research Interests & Outcomes
◦ Research topics





(Mobile) Internet and Wireless Network Security
Authentication and Access Control
Formal Security Analysis
Security & Cryptography API
Insider Threats and Information Leakage Prevention
◦ Publication – total 118 including finally accepted ones
(47: SCI(E), 2: Scopus, 14: KCI, 55: International Conference)
 ePASS: An expressive attribute-based signature scheme with privacy and an
unforgeability guarantee for the Internet of Things
 ACSP: A novel security protocol against counting attack for UHF RFID systems
 Enhancing MISP with Fast Mobile IPv6 Security
 DSSH: Digital signature based secure handover for network-based mobility
management
 Enhancing SVO Logic for Mobile IPv6 Security Protocols
2. Summary of My Research Works

Editorship
◦ Editor-in-Chief
 JoWUA (Scopus Indexed)
J. of Wireless Mobile Networks, Ubiquitous Computing,
and Dependable Applications
http://www.jowua.org
 JISIS
J. of Internet Services and Information Security
http://www.jisis.org/
 INPRA
It coNvergence PRActice
http://inpra.yolasite.com
◦ SCIE/Scopus Journal Editorial Board
 SCIE Journal
JNCA (IF: 1.467), IJAHUC (IF: 0.511), CAI (IF: 0.254)
 Scopus Journal: JHSN
2. Summary of My Research Works

Research events
◦ MobiWorld - Intl. Workshop on Mobility Management
in the Networks of the Future World
(with IEEE INFOCOM, GLOBECOM, CCNC conferences)
◦ MIST - Intl. Workshop on Managing Insider Security
Threats
◦ AsiaARES - The Asian Conf. on Availability, Reliability
and Security (with ICT-EurAsia conference)
◦ SeCIHD - IFIP Intl. Workshop on Security and Cognitive
Informatics for Homeland Defense (with ARES conference)
2. Summary of My Research Works

Research Projects
◦ Study on security for fast and seamless handover in PMIPv6 with
cross-layer approach based on IEEE 802.21 MIH
(NRF, 2014~16) – Principle Researcher
◦ Study on vulnerabilities of cryptographic software library
and their countermeasures (KISA, 2013)
(focusing on MS Crypto API Next Generation)
– Co-Researcher
◦ Development of a vulnerability analysis tool
for secure USB
(Prosecutor's Office, 2012) – Co-Researcher
◦ Vulnerability analysis on secure USB flash driver
(KIISC, 2012) – Co-Researcher
◦ Study on malware obfuscation technologies
(KISA, 2010) – Co-Researcher
2. Summary of My Research Works

Membership
Awarded as IET Fellow and IEEE Senior Member
2. Summary of My Research Works

“Security on Fast Handover for
the Mobile IPv6 Family”
◦ Organization of this talk




Mobility Management Overview
Mobile IPv6 Overview
Fast Handover Security for the MIPv6 family
My Research Plan
2. Summary of My Research Works
◦ Mobility Management
Mobility management has become an important
function which enables mobile nodes to successfully
receive new connections and maintain ongoing
connections during their movement
 Mobility management at different OSI layers :
 Link layer
treating movements between access points
 Network layer
treating movements between access routers (address changes)
 Upper layers
keeping the current Internet architecture. (ex. mSCTP (trans.), SIP (appl.))
 Cross-layer
taking advantages from different layers It is popular to combine network layer
with link layer.
2. Summary of My Research Works
◦ Mobility Management (Cont.)
2. Summary of My Research Works
◦ Mobility Management (Cont.)
2. Summary of My Research Works
◦ Mobility Management (Cont.)
In real world, there are two major mobile networks:
3GPP family and Mobile WiMAX (IEEE 802.16m)
 These networks just deploy link layer mobility while
intentionally excluding IP mobility :
 The Cost for IP mobility is expensive
 Most of applications are simple Web based applications and
their life time tends to be short. Thus, it is not so necessary to
maintain sessions during mobile nodes’ movements.
 Each IP subnet covers a large area (no address change)
For example, the subscribers of China Mobile access to the
Internet through the GPRS can use the same IP address in a
province (e.g. Guangzhou Province about 180,000 square
kilometers)
2. Summary of My Research Works
◦ Mobility Management (Cont.)
 Due to the 4G requirements,
IP mobility recently has gained attention:
 High speed: 100 mbps / 1 Gbps
 high qualified multimedia applications such as
VoIP, video conference, mobile online game, etc.
 It is necessary to maintain sessions during MNs’
movements
 Smooth handover between heterogeneous networks
(especially between 3GPP and non-3GPP networks)
 WLAN offload issue
 As a result, IP mobility has been included in:
 3GPP LTE/SAE: MIPv6, PMIPv6,
DMIPv6 (Dual-Stack MIPv6)
 Mobile WiMAX: MIPv4, MIPv6, PMIP4
2. Summary of My Research Works
◦ Mobile IPv6 Overview
Mobile IPv6 (MIPv6) is a protocol that enables nodes
to stay reachable regardless of their movements and
locations in the IPv6 Internet (IETF RFC 3775)
 During a handover procedure,
MN should perform the following steps:
 (Step 1) Movement Detection
 (Step 2) IP Address Configuration
 (Step 3) Binding Update

Unfortunately MIPv6 suffers from long latency
and high signaling overhead caused
in this procedure.
2. Summary of My Research Works
◦ Mobile IPv6 Overview (Cont.)
 MIPv6 Extensions :
 Fast handover for MIPv6 (FMIPv6) – Steps 1 & 2
by using link layer (L2) triggers and
bi-directional tunneling between access routers
 Hierarchical MIPv6 (HMIPv6) – Step 3
by using hierarchical mobility management with
a new entity called Mobility Anchor Point (MAP)
 Enhanced Route Optimization (ERO) – Step 3
by using CGA (public key based strong security scheme)
and early binding update
 Fast handover for Hierarchical MIPv6 (F-HMIPv6)
– Step 1~3
by combining FMIPv6 and HMIPv6
2. Summary of My Research Works
◦ Mobile IPv6 Overview (Cont.)
 Proxy MIPv6 (PMIPv6)
MIPv6 and its enhancements failed to
be widely deployed in real networks:
(Host Based Approach)
Mobile nodes are required to participate in mobility
management, thus having to implement this function in
themselves.  Legacy device cannot be supported!
 Proxy MIPv6 (PMIPv6) was developed by IETF as
a standard network-based mobility management
protocol (IETF RFC 5213, 2008).
 PMIPv6 introduces new network entities:
MAG and LMA, which treat MNs’ handovers
while making MNs free from mobility management
2. Summary of My Research Works
◦ Mobile IPv6 Overview (Cont.)
 Proxy MIPv6 (PMIPv6) (Cont.)
Similar to MIPv6, PMIPv6 suffers from
long handover latency.
 Fast Handovers for Proxy Mobile IPv6 (FPMIPv6)
and Context Transfer for Proxy Mobile IPv6
(CTPMIPv6) are introduced.
 FPMIPv6 was adopted as a standard
(IETF RFC 5949, 2010)
2. Summary of My Research Works
◦ Fast Handover Security for
the Mobile IPv6 Family
 Fast Handover Extensions
for the MIPv6 Family (F-MIP):
FMIPv6, F-HMIPv6, FPMIPv6
 Fast handover extensions for MIPv6 perform
handover procedure before MN moves to a new
network with the help of layer two triggers.
 Security is sacrificed for efficiency.
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 Without being secured, the extensions are
critically vulnerable to various security threats:






Masquerading
Message tampering
Replay Attack
Denial of Service Attack
Session Hijacking Attack
Malicious Mobile Node Flooding Attack
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 Security Requirements:
Authentication
Location Verification
Confidentiality
Integrity
Handover Key Independence
Compromise of a current handover key should not
result in compromise of its previous or subsequent ones
 Tight bind between
handover key and care-of address
Aims to prevent a malicious node from using its valid
handover key to occupy a victim’s care-of address
while masquerading the victim





2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 Two Major Security Technologies
for Fast Handover Security:
 Authentication, Authorization, and Accounting
Infrastructure (AAA Infrastructure)
Providing mutual authentication and
secure key exchange
 Cryptographically Generated Address (CGA)
Allowing two previously unknown nodes
to authenticate each other
based on public key cryptography.
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 Security Schemes for FMIPv6
 Kempf-Koodli's protocol (KKP)
- Security Standard for FMIPv6 (RFC 5269)
- CGA based structure
- Strong security but heavy computation overheads
 Haddad-Krishnan's protocol (HKP)
- a light weight approach to improve KKP
- Hash-chain based structure but CGA is needed
- Efficient and light weight but still security problems
 Narayanan et al.'s protocol (NEP)
- Based on the AAA infrastructure
- public key operations not needed
but suffers from AS’s involvement every handover
 My Contribution to FMIPv6 Security
 YOU-HORI-SAKURAI’s protocol (YSHP)
- Combining CGA and AAA to address
the high computation cost and the DoS attacks
which KKP suffers from
- Achieving both efficiency and security
Movement Detection
with L2 triggers
Fast Binding Update
Attachment
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 Security Scheme for F-HMIPv6
F-HMIPv6 is known to provide
the best handover performance.
 Kang and Park's protocol (KPP)
- Protecting F-HMIPv6 based on the group key
- Not providing the key independency
due to being based on the group key
- Vulnerable to
the DoS, replay, and Malicious Mobile Node Flooding
attacks.
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 My Contribution to F-HMIPv6 security
 Enhanced security scheme for F-HMIPv6 (ESS-FH)
- Counting on the CGA method to solve
the main drawbacks of KPP
- Providing the handover key independence
- Defending against the attacks, which KPP suffers from:
DoS attack, replay attack, and
Malicious Mobile Node Flooding attack
- Providing the secure fast inter-handover
between different Mobility Anchor Point (MAP) domains.
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 Security Schemes for FPMIPv6
- PMIPv6 and FPMIPv6 depend on the pure AAA system.
- Long handover latency is caused by
the full Extensible Authentication Protocol (EAP).
◦ Fast Handover Security ~ (Cont.)
 Security Schemes for FPMIPv6
- For example, EAP-AKA, which is widely adopted.
Full EAP-AKA: 2 long RTT + 1 RTT
REAUTH - EAP-AKA: 2 long RTT
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 Security Schemes for FPMIPv6 (Cont.)
 ERP – IETF RFC 5296
(EAP Extensions for EAP Re-authentication Protocol)
- In the first access, a full EAP procedure is executed
resulting in a master key between MN and AAA AS.
The successive accesses are optimized based on
the master key helps
- Still one long RTT is needed between MN and AAA AS
 Ticket based Security Schemes
- Lee et al.’s protocol and Chuang et al.’s protocol
- They depend on the group key or the context transfer,
thus vulnerable to “Compromise of a single node“
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 Security Schemes for FPMIPv6 (Cont.)
 ERP – IETF RFC 5296
(EAP Extensions for EAP Re-authentication Protocol)
- In the first access, a full EAP procedure is executed
resulting in a master key between MN and AAA AS.
The successive accesses are optimized based on
the master key helps
- Still one long RTT is needed between MN and AAA AS
 Ticket based Security Schemes
- Lee et al.’s protocol and Chuang et al.’s protocol
- They depend on the group key or the context transfer,
thus vulnerable to “Compromise of a single node”
 The existing schemes are vulnerable to
the malicious insider attacks.
2. Summary of My Research Works
◦ Fast Handover Security ~ (Cont.)
 My contribution for FPMIPv6 Security
 DSSH (Digital signature based secure handover for
network-based mobility management)
- In the host-based MIPv6 family, it is assumed that
there is no global security infrastructure.
- Because PMIPv6 is a network based approach,
it is possible to deploy public key infrastructure.
- DSSH uses public key cryptography for protecting
FPMIPv6 as well as allowing MN to be directly
authenticated to its visiting network
- DSSH defends against malicious insiders.
3. Research Plan
◦ Future Works –
Security for fast and seamless handover in
PMIPv6 with cross-layer approach based on
IEEE 802.21 MIH
 1st phase:
Security Protocol for FPMIPv6 (SPFP)
 2nd phase:
Security for Cross-Layer Handover based on
IEEE 802.21 MIH
( focusing on IEEE 802.21a-2012)
 3rd phase:
Applying SPFP to 2 layer networks
4. Q&A
Thank you!