In Mobile IPv6, every packet sent by a correspondent node (CN) to a mobile node (MN) is first routed to a home agent (HA). The HA then tunnels the packet to the current location of the MN. Because the packet travels indirectly between the CN and the MN, it follows a non-optimal route. In a few situations, the packet can be transmitted directly from the MN to the CN. In most cases, however, ingress filtering means that packets between the CN and the MN are still routed through the HA instead of being transmitted directly.
Conventionally, a return routability procedure is provided for a route optimization protocol. In the return routability procedure, an MN sends a Home Test Initiate message to an HA. The HA then sends the message to a CN. The CN replies to the MN with a Home Test message. The CN sends the Home Test message to the MN's home address, where it is received by the HA and in turn tunneled to the MN. The MN also sends a Care-of Initiate Test (CoTI) message directly to the CN. The CN then sends a Care-of Test message directly to the MN in response to the CoTI message. The return routability procedure is initiated by the MN.
The return routability procedure gives the CN reasonable assurance that the MN is in fact addressable at the MN's claimed care-of address as well as at the MN's home address. The return routability procedure creates a key, Kbm, which is shared between the MN and the CN. After the return routability procedure, the MN sends a Binding Update (BU) message to instruct the CN to direct the MN's data traffic to the MN's claimed care-of address. The BU message is secured by Kbm. The CN acknowledges the BU message with a Binding Acknowledgement (Back) message and starts sending packets directly to the MN, establishing a direct route.
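The key derivation described above, as an added example that is not part of the original text: it follows the token, Kbm and authenticator computations of the base Mobile IPv6 specification (RFC 6275), which this page does not spell out. The addresses, class and function names, and the stand-in mobility header bytes are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import os

def _addr(a: str) -> bytes:
    return ipaddress.IPv6Address(a).packed

def derive_kbm(home_token: bytes, care_of_token: bytes) -> bytes:
    # Kbm = SHA1(home keygen token | care-of keygen token)
    return hashlib.sha1(home_token + care_of_token).digest()

def bu_authenticator(kbm: bytes, coa: str, cn_addr: str, mh_data: bytes) -> bytes:
    # First(96, HMAC_SHA1(Kbm, care-of address | correspondent | MH data))
    msg = _addr(coa) + _addr(cn_addr) + mh_data
    return hmac.new(kbm, msg, hashlib.sha1).digest()[:12]

class CorrespondentNode:
    """CN side: tokens are recomputed from a node key and a nonce (no per-MN state)."""
    def __init__(self, address: str):
        self.address = address
        self.kcn = os.urandom(20)       # node key, never leaves the CN
        self.nonces = [os.urandom(8)]   # indexed nonces; a real CN rotates them

    def _token(self, addr: str, idx: int, kind: int) -> bytes:
        msg = _addr(addr) + self.nonces[idx] + bytes([kind])
        return hmac.new(self.kcn, msg, hashlib.sha1).digest()[:8]  # First(64, ...)

    def home_test(self, home_addr: str, idx: int = 0) -> bytes:
        return self._token(home_addr, idx, 0)   # carried in HoT, via the HA
    def care_of_test(self, coa: str, idx: int = 0) -> bytes:
        return self._token(coa, idx, 1)         # carried in CoT, direct to the CoA

    def verify_bu(self, home_addr, coa, idx, mh_data, authenticator) -> bool:
        # Rebuild both tokens for the claimed addresses, then check the MAC.
        kbm = derive_kbm(self._token(home_addr, idx, 0), self._token(coa, idx, 1))
        expected = bu_authenticator(kbm, coa, self.address, mh_data)
        return hmac.compare_digest(expected, authenticator)

def demo() -> dict:
    cn = CorrespondentNode("2001:db8:c::1")
    hoa, coa, other = "2001:db8:a::10", "2001:db8:b::20", "2001:db8:e::66"
    mh = b"constructed BU mobility header"   # stand-in for the real MH data
    kbm = derive_kbm(cn.home_test(hoa), cn.care_of_test(coa))
    good = bu_authenticator(kbm, coa, cn.address, mh)
    # A node that only completed the care-of test for `other` lacks the home token.
    forged = bu_authenticator(derive_kbm(bytes(8), cn.care_of_test(other)), other, cn.address, mh)
    return {"legit": cn.verify_bu(hoa, coa, 0, mh, good),
            "redirected": cn.verify_bu(hoa, other, 0, mh, good),
            "forged": cn.verify_bu(hoa, other, 0, mh, forged)}
```

Calling `demo()` shows the BU verifying only when the sender holds both tokens for the exact home address and care-of address it claims.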
Enhanced Route Optimization (E-RO) is an enhanced version of MIPv6 route optimization. Enhanced Route Optimization secures an MN's home address against impersonation through an interface identifier that is cryptographically and verifiably bound to the public component of the MN's public/private-key pair. The MN proves ownership of the home address by providing information showing that the MN knows the corresponding private key. An initial home address test can validate the home address prefix, and subsequent home address tests become unnecessary. Enhanced Route Optimization can further allow the MN and the CN to resume bidirectional communication in parallel with pursuing a care-of address test. The latency of the home address test and the care-of address test is therefore eliminated in most situations.
A MIPv6 binding is conceptually a packet redirection from a home address to a care-of address. The home address is the source of the redirection and the care-of address is the destination. The packets to be redirected can be identified based on the home address. Cryptographic proof of ownership is provided for the home address. In general, a Cryptographically Generated Address (CGA) provides a strong, cryptographic binding between its interface identifier and the CGA owner's public key. This enhances a cryptographic home address ownership proof without a public-key infrastructure, enabling other nodes to securely and autonomously authenticate the CGA owner as such, assuming the correctness of the CGA's subnet prefix.
In the home test, the MN initiates the home test, using its CGA as the interface identifier in the source address field of a HoTI message. The CN sends a permanent home keygen token included in a HoT message. After a handover, once it has obtained a care-of address, the MN starts an early binding update exchange with the CN. The MN adds the care-of test init option to the early BU message in order to receive a care-of keygen token from the CN. The MN authenticates the early BU message with the permanent home keygen token. The CN replies with an early Back carrying the care-of test option, which contains the care-of keygen token. In the complete BU/Back exchange, the MN sends a complete BU message to register its care-of address with the CN. The MN authenticates this message with the care-of keygen token. The home test and the care-of test are both initiated by the MN.
Based on the foregoing, apparatus and methods for a route optimization protocol are desired.