1. Field of the Invention
The present invention relates to telecommunications and, more particularly, to a method for secure route optimization in Mobile IPv6.
2. Description of Related Art
Mobile IP has been used to allow mobile nodes to remain reachable when they move around in an Internet Protocol (IP) network. The basic Mobile IP approach is described in C. Perkins, “IP Mobility Support,” Request for Comments 2002, October 1996. In this approach, a mobile node is assigned a home address that routes to a home agent. When the mobile node is away from its home network, the mobile node registers a care-of address with the home agent. Then, when the home agent receives packets addressed to the mobile node's home address, the home agent forwards the packets to the mobile node's care-of address. In this way, the mobile node can remain reachable at its home address even when its point of attachment to the IP network changes.
The Mobile IP approach has also been adapted for IPv6 networks. The basic Mobile IPv6 approach is described in D. Johnson et al., “Mobility Support in IPv6,” Request for Comments 3775, June 2004 (hereinafter “RFC 3775”), which is incorporated herein by reference. When a mobile node is away from its home network, Mobile IPv6 supports two possible modes of communication between the mobile node and a correspondent node, i.e., the node with which the mobile node is communicating. These two possible modes of communication are illustrated schematically in FIG. 1. In the first communication mode, indicated by the arrows labeled “1a” and “1b,” the mobile node and correspondent node exchange packets via the home agent. More particularly, the correspondent node sends packets to the mobile node's home address, and the packets are routed to or intercepted by the home agent. The home agent then tunnels the intercepted packets to the mobile node's care-of address. The tunneling is performed using IPv6 encapsulation, such as described in A. Conta and S. Deering, “Generic Packet Tunneling in IPv6 Specification,” Request for Comments 2473, December 1998, which is incorporated herein by reference. Going in the other direction, the mobile node sends packets to the correspondent node by reverse tunneling the packets to the home agent using IPv6 encapsulation. The home agent then decapsulates the packets and passes them to the correspondent node.
In the second communication mode, indicated by the arrow labeled “2” in FIG. 1, the mobile node and correspondent node exchange packets without going through the home agent. The correspondent node sends packets to the mobile node's care-of address, and the mobile node sends packets to the correspondent node's IPv6 address. The second communication mode is described as a “route optimized” mode because it can provide a more direct communication path between the mobile node and the correspondent node. Route optimized communication is often desirable because it can result in reduced latency and improved reliability.
A Return Routability procedure may be used to establish route optimized communication between a mobile node and a correspondent node. In this procedure, the mobile node sends a Home Test Init (HoTI) message and a Care-of Test Init (CoTI) message, and the correspondent node responds by sending a Home Test (HoT) message and a Care-of Test (CoT) message. The mobile node then sends a Binding Update (BU) message that authorizes the correspondent node to send packets to the mobile node's care-of address, and the correspondent node acknowledges with a Binding Acknowledgement (BA) message.
The sequence of these messages is illustrated in FIG. 2. The mobile node initiates the Return Routability procedure by sending the HoTI and CoTI messages in parallel. As illustrated in FIG. 2, the mobile node reverse tunnels the HoTI message to the home agent for delivery to the correspondent node, whereas the mobile node sends the CoTI message to the correspondent node directly. The HoTI message conveys the mobile node's home address to the correspondent node. The HoTI message also includes a “home init cookie,” which the correspondent node is supposed to send back for verification. The CoTI message conveys the mobile node's care-of address to the correspondent node. The CoTI message also includes a “care-of init cookie,” which the correspondent node is supposed to send back for verification. The home init and care-of init cookies are 64-bit random numbers generated by the mobile node.
The correspondent node sends the HoT message in response to the HoTI message and sends the CoT message in response to the CoTI message. The HoT message includes the home init cookie provided by the mobile node and also includes a “home keygen token.” The home keygen token is a 64-bit value that the correspondent node generates by applying a hash function to input data that includes the mobile node's home address and the correspondent node's secret key, Kcn. The CoT message includes the care-of init cookie provided by the mobile node and also includes a “care-of keygen token.” The care-of keygen token is a 64-bit value that the correspondent node generates by applying a hash function to input data that includes the mobile node's care-of address and Kcn.
The mobile node receives the HoT and CoT messages and verifies that the messages include the home init and care-of init cookies. With this verification complete, the mobile node prepares to send a BU message to the correspondent node to authorize the correspondent node to send packets to the mobile node's care-of address. To prepare the BU message, the mobile node hashes the home keygen and care-of keygen tokens together to create a binding management key, Kbm. The mobile node then uses Kbm to generate an authentication code. In particular, the mobile node applies a hash function to input data that includes the mobile node's care-of address, the correspondent node's IPv6 address, and Kbm. The mobile node then sends the BU message to the correspondent node with the authentication code that the mobile node generated using Kbm. If the correspondent node is able to validate the BU message by generating the same authentication code using its secret key, Kcn, then the correspondent node sends a BA message as an acknowledgement.
RFC 3775 specifies the use of IPSec to secure Mobile IPv6 signaling messages sent between the mobile node and home agent. With respect to the Return Routability procedure, the basic Mobile IPv6 approach assumes that the confidentiality of the HoTI and HoT messages sent between the mobile node and the home agent is protected by IPSec ESP, such as described in S. Kent and R. Atkinson, “IP Encapsulating Security Payload (ESP),” Request for Comments 2406, November 1998. Thus, according to Section 10.4.6 of RFC 3775, “the home agent MUST support tunnel mode IPSec ESP for the protection of packets belonging to the return routability procedure.” However, the process of establishing the security association needed for IPSec ESP can cause an undesirable amount of delay. In addition, when IPSec ESP is used, the mobile node and home agent exchange encrypted messages, and the process of encrypting and decrypting the messages creates an undesirable amount of computational overhead.
An Authentication Protocol, described in A. Patel et al., “Authentication Protocol for Mobile IPv6,” Request for Comments 4285, January 2006, has been proposed as an alternative to using IPSec for securing certain types of signaling messages sent between the mobile node and the home agent. However, the Authentication Protocol does not provide confidentiality protection to the HoT and HoTI messages sent between the mobile node and the home agent for the Return Routability procedure. Thus, according to Section 2 of RFC 4285, the Route Optimization mode of Mobile IPv6 should not be used when the Authentication Protocol is used, unless confidentiality protection can be guaranteed in some other way. This is a significant limitation of the Authentication Protocol given the potential benefits of using the route optimized communication.
Accordingly, there is a need for additional methods for securing the messages sent between the mobile node and the home agent for establishing route optimized communication in Mobile IPv6.