1. Technical Field
The present invention relates to a binding update method in MIPv6 (Mobile Internet Protocol version 6), and more particularly, to a binding update method in MIPv6 that can prevent an attacker from hijacking a mobile node's session and thereby guarantee secure communication.
2. Related Art
In the MIPv6, communication nodes in the Internet can communicate with each other while freely changing linked networks.
In MIPv6, a communication node that can change its point of attachment from one link to another is referred to as a mobile node (MN), and the peer node with which the mobile node is communicating is referred to as a corresponding node (CN). The corresponding node may itself be stationary or mobile.
The mobile node can keep communicating while it moves from one link to another by using a home address (HoA), the IP address assigned to it on its own home link. When the mobile node visits a foreign link other than the home link, it is assigned a care-of address (CoA), an IP address topologically located on that foreign link, and it must notify the corresponding node of the CoA so that packets addressed to the HoA can be delivered to the current CoA.
Accordingly, when the mobile node leaves its home link and moves to a foreign link, it performs a binding update procedure that registers the assigned CoA with both its home agent (HA) and the corresponding node.
FIG. 1 is a diagram illustrating a binding update method in the MIPv6 according to the related art.
Referring to FIG. 1, a mobile node 11 first performs a return routability (RR) procedure, through which the corresponding node can verify that the node requesting a binding update is actually reachable at both the claimed home address and the claimed care-of address.
To acquire a home keygen token (HT) and a care-of keygen token (CT) from a corresponding node 12, the mobile node 11 generates a home test init (HoTI) message and a care-of test init (CoTI) message (S11 and S12), transmits the HoTI message to the corresponding node 12 through a home agent 13 (the indirect path), and transmits the CoTI message directly to the corresponding node 12 (the direct path).
Then, the corresponding node 12 having received the HoTI message and the CoTI message verifies the mobile node 11. That is, the corresponding node 12 generates the HT and a first nonce nonce1 corresponding to the HoTI message, and the CT and a second nonce nonce2 corresponding to the CoTI message, and generates a home test (HoT) message including the HT and the index of the first nonce nonce1 and a care-of test (CoT) message including the CT and the index of the second nonce nonce2 (S13 and S14). Each token is derived from the source address of the corresponding init message, the selected nonce and the corresponding node's secret key, so the corresponding node can later regenerate it without storing it.
The corresponding node 12 transmits the HoT message to the mobile node 11 through the home agent 13 and transmits the CoT message directly to the mobile node 11.
When the mobile node 11 has received both the HoT message and the CoT message, the RR procedure is complete and the mobile node 11 performs a binding update procedure that notifies the corresponding node 12 of its CoA.
That is, the mobile node 11 acquires the HT and the CT from the HoT message and the CoT message, respectively, derives the binding management key Kbm from the two tokens, generates a binding update (BU) message carrying the two nonce indices and a message authentication code computed with Kbm, and transmits the BU message to the corresponding node 12 (S15).
Then, the corresponding node 12 reads the nonce indices from the BU message, recovers the first and second nonces nonce1 and nonce2, reconstructs the HT and the CT from the home address and care-of address given in the BU message, recomputes Kbm, verifies the message authentication code of the BU message, generates a response (binding acknowledgement) message protected in the same way (S16), and transmits the response message to the mobile node 11.
However, in the binding update method according to the related art, only the communication segment between the mobile node 11 and the home agent 13 (the tunnel used by the indirect path) is protected with IPsec. The other segments, namely the segment between the home agent 13 and the corresponding node 12 and the direct path between the mobile node 11 and the corresponding node 12, are not protected at all.
On any segment other than the one between the mobile node 11 and the home agent 13, an attacker can hijack the session of the mobile node 11. That is, when the attacker is located between the home agent 13 and the corresponding node 12, the attacker reads the HT from the HoT message passing in the clear, transmits its own CoTI message to the corresponding node 12 using its own CoA, and is issued a CT for that CoA. The attacker can then complete the binding update procedure with the two tokens (the HT of the mobile node 11 and the CT of the attacker).
This is possible because nothing binds together the two tokens from which Kbm is derived. To resist denial-of-service attacks, the corresponding node 12 keeps no per-mobile-node state before the BU message arrives; it holds only its secret key, the nonces and the nonce indices needed to regenerate the tokens. That is, the corresponding node 12 does not record which mobile node 11 is in the middle of an RR procedure.
Therefore, the corresponding node 12 can generate each token only from the source address of the respective init message (the HoA for the HT, the CoA for the CT) and cannot embed in the two tokens any common information that would tie them to a single mobile node.
As a result, since Kbm is derived from the CT of the attacker and the HT of the mobile node 11, the corresponding node 12 concludes that the CoA of the attacker and the HoA of the mobile node 11 belong to the same node. All subsequent traffic destined for the HoA of the mobile node 11 is then delivered to the CoA of the attacker, which means that the attack has succeeded.
When such an attack is made while a user is receiving sensitive data, the confidentiality and integrity of that data are severely compromised.
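The following Python simulation is added here as an illustration; it is not part of the original text and not the invention's method. It implements the RFC 3775 derivations of the home keygen token (HT), the care-of keygen token (CT), the binding management key Kbm and the BU authenticator, models a corresponding node that keeps only its secret key and a nonce table, and then replays the exchange of FIG. 1 twice: once as the real mobile node (S11 to S16) and once as the attacker described above, who splices the mobile node's HT together with a CT issued for the attacker's own CoA. The key Kcn, the IPv6 addresses and the BU payload are constructed sample values.

```python
"""Simulation of the MIPv6 return routability procedure and the token-splicing attack."""
import hashlib
import hmac
import ipaddress
import secrets

# Constructed sample values; none of these come from the original text.
KCN = bytes.fromhex("000102030405060708090a0b0c0d0e0f10111213")  # CN secret key Kcn
MN_HOA = "2001:db8:1::10"         # mobile node's home address (HoA)
MN_COA = "2001:db8:2::10"         # mobile node's care-of address (CoA)
ATTACKER_COA = "2001:db8:bad::1"  # attacker's own care-of address
CN_ADDR = "2001:db8:3::1"         # corresponding node's address


def packed(address: str) -> bytes:
    """16-byte wire form of an IPv6 address."""
    return ipaddress.IPv6Address(address).packed


def keygen_token(kcn: bytes, address: bytes, nonce: bytes, kind: int) -> bytes:
    """RFC 3775 keygen token: First(64, HMAC_SHA1(Kcn, address | nonce | kind)).
    kind 0 yields the home keygen token (HT), kind 1 the care-of keygen token (CT)."""
    return hmac.new(kcn, address + nonce + bytes([kind]), hashlib.sha1).digest()[:8]


def kbm(ht: bytes, ct: bytes) -> bytes:
    """Binding management key Kbm = SHA1(HT | CT). Only the concatenation of the two
    tokens enters the hash; nothing ties HT and CT to the same mobile node."""
    return hashlib.sha1(ht + ct).digest()


def bu_mac(key: bytes, coa: bytes, cn: bytes, message: bytes) -> bytes:
    """BU/BA authenticator: First(96, HMAC_SHA1(Kbm, CoA | CN | message))."""
    return hmac.new(key, coa + cn + message, hashlib.sha1).digest()[:12]


class CorrespondentNode:
    """CN that is stateless before the BU: it keeps Kcn and a nonce table, never a
    record of which mobile node is in the middle of an RR procedure."""

    def __init__(self, kcn: bytes):
        self.kcn = kcn
        self.nonces = {0: secrets.token_bytes(8)}  # nonce index -> nonce
        self.binding_cache = {}                     # HoA -> CoA

    def _current_nonce(self):
        index = max(self.nonces)
        return index, self.nonces[index]

    def home_test(self, src_hoa: str):
        """Answer a HoTI: the HoT carries (home nonce index, HT); HT depends only
        on the source address of the HoTI."""
        index, nonce = self._current_nonce()
        return index, keygen_token(self.kcn, packed(src_hoa), nonce, 0)

    def care_of_test(self, src_coa: str):
        """Answer a CoTI: the CoT carries (care-of nonce index, CT); CT depends only
        on the source address of the CoTI."""
        index, nonce = self._current_nonce()
        return index, keygen_token(self.kcn, packed(src_coa), nonce, 1)

    def receive_bu(self, hoa: str, coa: str, hni: int, cni: int, bu: bytes, mac: bytes) -> bool:
        """Reconstruct HT and CT from the addresses carried in the BU and the indexed
        nonces, recompute Kbm and verify the authenticator (step S16). The CN has no
        way to tell whether the two tokens were issued to the same node."""
        if hni not in self.nonces or cni not in self.nonces:
            return False
        ht = keygen_token(self.kcn, packed(hoa), self.nonces[hni], 0)
        ct = keygen_token(self.kcn, packed(coa), self.nonces[cni], 1)
        expected = bu_mac(kbm(ht, ct), packed(coa), packed(CN_ADDR), bu)
        if not hmac.compare_digest(expected, mac):
            return False
        self.binding_cache[hoa] = coa  # HoA is now routed to this CoA
        return True


def send_bu(cn: CorrespondentNode, hoa: str, coa: str,
            hni: int, ht: bytes, cni: int, ct: bytes) -> bool:
    """Build and deliver a BU (step S15) as the holder of the tokens (HT, CT)."""
    bu = b"BU:" + packed(hoa) + packed(coa)  # constructed stand-in for the BU fields
    mac = bu_mac(kbm(ht, ct), packed(coa), packed(CN_ADDR), bu)
    return cn.receive_bu(hoa, coa, hni, cni, bu, mac)


def legitimate_binding_update(cn: CorrespondentNode) -> bool:
    """Steps S11 to S16 performed by the real mobile node."""
    hni, ht = cn.home_test(MN_HOA)     # HoTI/HoT through the home agent
    cni, ct = cn.care_of_test(MN_COA)  # CoTI/CoT on the direct path
    return send_bu(cn, MN_HOA, MN_COA, hni, ht, cni, ct)


def token_splicing_attack(cn: CorrespondentNode) -> bool:
    """Attacker on the HA-CN segment: reads the mobile node's HT from the unprotected
    HoT, obtains a CT for its own CoA, and splices both tokens into one BU."""
    hni, ht = cn.home_test(MN_HOA)           # HoT answered to the MN, sniffed in transit
    cni, ct = cn.care_of_test(ATTACKER_COA)  # attacker's own CoTI/CoT
    return send_bu(cn, MN_HOA, ATTACKER_COA, hni, ht, cni, ct)


if __name__ == "__main__":
    cn = CorrespondentNode(KCN)
    print("legitimate BU accepted:", legitimate_binding_update(cn), cn.binding_cache)
    print("spliced-token BU accepted:", token_splicing_attack(cn), cn.binding_cache)
```

The decisive line is in `receive_bu`: the corresponding node rebuilds each token from the address that the BU itself claims, so a BU combining an HT valid for the mobile node's HoA with a CT valid for the attacker's CoA verifies exactly like an honest one, and the binding cache entry for the HoA is overwritten with the attacker's CoA. The same check shows why the attacker cannot simply reuse the mobile node's own CT: a BU that names the attacker's CoA but carries a CT issued for MN_COA fails the MAC comparison.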