Mobile IP (MIP), which is described in IETF RFC 3775, allows users of mobile communications devices to move from one network to another whilst maintaining a permanent IP address, regardless of which network they are in. This allows a user to maintain connections whilst on the move. For example, if a Mobile Node (MN) were participating in a Voice Over IP (VoIP) session with a Correspondent Node (CN), which might be fixed or mobile, and, during the session the MN moved from one network to another, without MIP support the MN's IP address may change. This would lead to problems with the VoIP session. Mobile IP relies upon the provision, within a MN's home network, of a Home Agent (HA). The MN is allocated a Home Address (HoA) within the home network, as well as a Care-of-Address (CoA) within a visited network. Packets exchanged between MN and the CN are tunneled between the HA and the MN using the CoA as source/destination address.
Route Optimisation (RO) is a procedure used in mobility networks to improve the efficiency with which messages are sent between a MN and a CN. More particularly, RO allows traffic sent from the CN to the MN to be routed directly to the MN without passing through the HA. Mobility Support in IPv6 (IETF RFC3775 June 2004) describes a RO procedure for messages sent to the MN from a CN. This approach requires (for each location update) that a pair or reachability tests be performed between the MN and the CN. A first test (HoTI/HoT) ensures reachability of the MN at the HoA, and a second (CoTI/CoT) ensures reachability of the MN at the CoA. The HoT and CoT messages each contain a token, with the tokens being combined at the MN to generate a secret (shared with the CN). A subsequent Binding Update (BU) and Binding Acknowledgement are signed with the shared key. RO requires that both the CoA and HoA reachability tests be repeated at regular intervals, e.g. typically every 7 minutes, in order to limit the damage that can be caused by a time shifting attack in which a MN moves to a new network but does not update the CN, resulting in flooding of the old network.
An enhanced RO protocol has been proposed (IETF RFC4866). This enhanced protocol introduces the use of Cryptographically Generated Addresses CGA as HoAs, with BUs being signed with the sender's private key. The use of CGAs avoids the need for further HoA reachability tests after an initial test has been performed: after the initial test, the CN can trust that the MN has not only generated the CGA but that it had the right to do so. As well as improving security, the enhanced RO protocol reduces mobility related signalling.
Various security vulnerabilities are present within the existing RO proposals. In particular, it may be possible for an attacker present on the link between a MN and a CN, i.e. a man-in-the-middle, to observe patterns within packet streams and to thereby track the movements of the MN. An attacker could for example scan BUs sent between a MN and a CN. The BUs will reveal both the HoA and CoA of the MN, and the CNs IP address. By looking for consecutive (or similar) header sequence numbers, the attacker can follow the MN's movements between access networks.
It is desirable to introduce a degree of anonymity and unlinkability into IP packet streams to prevent the tracking of movements of mobile nodes within and between access networks whilst at the same time defending against flooding and related attacks, but to do this efficiently and securely in terms of the set-up signalling involved and the provisioning of mobility. Also it is equally desirable to relieve the mobile node from having to exchange any mobility signalling directly with the corresponding node, as well as to reduce the handoff latency by removing the CoTI/CoT exchange.