Mobile internet traffic has increased dramatically in recent years, particularly since the advent of the latest generation of smartphones. Advances in phone technology have dramatically increased internet traffic and have forced the research community to rethink the existing concepts of IP mobility and multi-homing. One basic tenet of IP mobility is that a host must be able to change its L3 attachment point, i.e. its IP address, during an ongoing transport session. A multi-homed host that needs to selectively switch ongoing sessions to a different interface, for example from a 3G wireless network to WiFi, must likewise be able to change its IP attachment point.
Designing protocols for communication devices via public infrastructure inherently involves serious consideration of security issues, due to the public nature of, for example, the internet. In a public forum, adversaries can misuse information, and redirect transport sessions for malicious purposes. Such redirection attacks allow the adversary to hijack, for example, a communication session, and continue the session on behalf of one of the session end points.
Adversaries can also use access to the session to mount Denial-of-Service (DoS) attacks, in which the adversary steers high-volume traffic toward a victim host. DoS attacks of this kind are also known as flooding.
Redirection and flooding each introduce different security problems with often very different solutions.
For example, the available mechanisms to protect against redirection attacks depend on the mobility technology. Current mobility standards, such as W-CDMA, LTE and WiMAX, use network-based mobility. These technologies employ network-side anchors to relay all traffic between a Mobile Node (MN) and its peers. All mobility-related signaling is exchanged between the MN and the network-side anchors, and it can be secured by exploiting the trust relationship that exists between a subscriber and his service provider.
Alternatively, host-based mobility allows the MN to update a Correspondent Node (CN) directly when the MN has changed its IP address. In response, the CN can send data packets straight to the MN's new address. As a result, host-based mobility protocols are more cost-effective, versatile and scalable, since they eliminate the need for network-side anchors. The advantages of host-based mobility systems have sparked a good deal of research activity attempting to establish suitable low-cost host-based mobility protocols. Examples of such protocols include the Host-Identifier Protocol (HIP), route-optimized Mobile IPv6 (MIPv6 R/O), TCP-R and EMIPv6, to name a few of the better-known protocols to date.
Some of the known host-based protocols support multi-homing scenarios. Specifically, in the multi-homing scenarios, the host can announce multiple IP addresses to the CNs as alternative routing paths. Examples of such protocols include SCTP, HIP, multi-homed TCP (MH TCP) and SHIM6. Since both mobility and multi-homing address closely related issues, typically one refers to mobility when addressing both phenomena.
As far as security in host-based mobility protocols is concerned, host-based mobility is confined to the end nodes sustaining the traffic connections. As a result, trust relationships are usually unavailable to protect mobility-related signaling messages. Within the framework of HIP, for example, it was proposed to create trust relationships on a global level, i.e. for all hosts on the Internet, using a PKI. The effort involved, as well as the scalability and revocation issues of creating such trust relationships, significantly impairs the principal advantages of host-based mobility. Other proposals resort to mechanisms such as IPsec, which require a previously arranged trust relationship for each connection.
As a result, most host-mobility protocols have relied on methods of weak authentication, such as the open exchange of random nonces, key agreement through Diffie-Hellman exchanges, and routability tests. Such solutions either provide insufficient protection or put unnecessary processing burdens onto the end nodes.
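To make the routability test mentioned above concrete, the following is an added, self-contained simulation (not code from the original text or from any of the protocols it names). It models a CN that only redirects an ongoing session to a new address after an unguessable cookie sent to that address has been echoed back, shows why an off-path sender cannot redirect the session to a bystander's address, and records the weakness the paragraph refers to: the cookie travels in the clear, so a party on the path sees it. All hosts, addresses and message formats are constructed for the example.

```python
"""Toy return-routability check guarding a host-based mobility binding update.
Constructed example: addresses such as "mn-3g" and "cn" and the message
dictionaries are invented for illustration."""
import secrets
from dataclasses import dataclass, field


@dataclass
class Network:
    """In-memory stand-in for the internet: a message reaches only the host that
    currently owns the destination address. Every message is also appended to
    `trace`, which models what an adversary located on the path could observe."""
    owners: dict = field(default_factory=dict)   # address -> host object
    trace: list = field(default_factory=list)    # (dst, msg) for every delivery

    def attach(self, addr, host):
        self.owners[addr] = host

    def deliver(self, dst, msg):
        self.trace.append((dst, msg))
        host = self.owners.get(dst)
        if host is not None:
            host.receive(msg)


class CorrespondentNode:
    """Holds one session with a peer and redirects it only after a routability test."""

    def __init__(self, net, addr, peer_addr):
        self.net, self.peer_addr = net, peer_addr
        self.pending = {}   # cookie -> address claimed in a binding update
        self.log = []       # ("accepted", addr) or ("rejected", cookie)
        net.attach(addr, self)

    def receive(self, msg):
        if msg["type"] == "binding_update":
            # Do not trust the claimed address: send a fresh random cookie to it
            # and wait for it to come back. Only the true owner of that address
            # (or someone on the path) ever learns the cookie.
            cookie = secrets.token_hex(16)
            self.pending[cookie] = msg["new_addr"]
            self.net.deliver(msg["new_addr"], {"type": "probe", "cookie": cookie})
        elif msg["type"] == "probe_reply":
            addr = self.pending.pop(msg["cookie"], None)
            if addr is None:
                self.log.append(("rejected", msg["cookie"]))
            else:
                self.peer_addr = addr          # the session moves only here
                self.log.append(("accepted", addr))


class MobileNode:
    """Mobile/multi-homed host that announces a new address to its CN."""

    def __init__(self, net, addr, cn_addr):
        self.net, self.cn_addr = net, cn_addr
        net.attach(addr, self)

    def move_to(self, new_addr):
        self.net.attach(new_addr, self)
        self.net.deliver(self.cn_addr, {"type": "binding_update", "new_addr": new_addr})

    def receive(self, msg):
        if msg["type"] == "probe":   # echo the cookie from the new address
            self.net.deliver(self.cn_addr, {"type": "probe_reply", "cookie": msg["cookie"]})


class PassiveHost:
    """A host that never asked for a redirect; it only records what arrives."""

    def __init__(self, net, addr):
        self.received = []
        net.attach(addr, self)

    def receive(self, msg):
        self.received.append(msg)


def legitimate_handover():
    """MN moves from its 3G address to a WiFi address; the test passes."""
    net = Network()
    cn = CorrespondentNode(net, "cn", "mn-3g")
    mn = MobileNode(net, "mn-3g", "cn")
    mn.move_to("mn-wifi")
    return cn.peer_addr, cn.log[-1][0]          # ("mn-wifi", "accepted")


def offpath_redirect_attempt():
    """An off-path sender claims a bystander's address. The probe goes to the
    bystander, who does not answer; a guessed cookie is rejected and the
    session stays on the original address, so no traffic is steered at the bystander."""
    net = Network()
    cn = CorrespondentNode(net, "cn", "mn-3g")
    MobileNode(net, "mn-3g", "cn")
    bystander = PassiveHost(net, "bystander")
    net.deliver("cn", {"type": "binding_update", "new_addr": "bystander"})
    net.deliver("cn", {"type": "probe_reply", "cookie": secrets.token_hex(16)})
    return cn.peer_addr, cn.log[-1][0], len(bystander.received)   # ("mn-3g", "rejected", 1)


def cookie_visible_on_path():
    """The limitation: the probe cookie crosses the network unprotected, so a
    party on the path learns the one value the CN relies on."""
    net = Network()
    cn = CorrespondentNode(net, "cn", "mn-3g")
    MobileNode(net, "mn-3g", "cn").move_to("mn-wifi")
    probes = [m["cookie"] for _, m in net.trace if m["type"] == "probe"]
    return len(probes) == 1 and cn.log[-1] == ("accepted", "mn-wifi")
```

The three scenario functions are the point of the block: the first two show what a routability test buys (an off-path party cannot redirect or flood a host it cannot receive packets for), and the third shows why the paragraph calls it weak authentication, since anything that can read the path between CN and MN sees the cookie and the check adds nothing against it.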