1. Field of the Invention
The present invention relates generally to a method of preventing a replay attack in a communication system using a Mobile Internet Protocol version 6 (IPv6) environment, and in particular, to a method of preventing a replay attack during the binding update process that a mobile host (herein referred to as a Mobile Node (MN)) performs in order to communicate with a Correspondent Node (CN).
2. Description of the Related Art
The recent wide use of the Internet, the development of wireless communication technologies, and the improved performance of mobile terminals such as portable computers and Personal Digital Assistants (PDAs) are driving forces behind the increase of wireless Internet users. In this context, a variety of methods have been proposed to provide high-quality communication services to MNs which roam in a wireless Internet environment.
Mobile IP has emerged as one of the high-quality communication service providing methods, which enables an MN to change its point of attachment to the Internet from one network to another. Mobile IPv4 and Mobile IPv6 are defined according to Mobile IP versions. Mobile IPv6 is an extension of Mobile IPv4.
In the Mobile IPv6 environment (hereinafter Mobile IPv6), when an MN moves to a foreign network, the foreign network allocates a temporary address known as a Care of Address (CoA) to the MN. The MN binds the CoA to its own Home Address (HoA) and registers the binding with a Home Agent (HA) and a CN. Thus, the MN communicates with the CN. Binding is the process of associating the temporary CoA with the original address, i.e., the HoA, as the information registered with the HA and the CN when the MN attaches to the foreign network.
During handoff in the Mobile IPv6 environment, the CoA of the MN can be exposed to an attacker, making the MN vulnerable to a replay attack.
FIG. 1 is a block diagram illustrating a conventional replay attack procedure. In step 101, an MN transmits a Binding Update to a CN in order to communicate with the CN. During the binding update, the MN registers its CoA (CoA1) in the binding cache of the CN, thereby creating a new binding entry. As the MN moves, it receives a new CoA (CoA2) by Mobile IPv6 address auto-configuration in step 103. In step 105, the MN transmits CoA2 to the CN, thus creating another new binding entry, for seamless communication with the CN. Referring to FIG. 2, the binding entry includes a HoA 201, a CoA 203, a Life Time 205 representing the valid duration of the binding, and a Maximum Sequence Number 207 indicating the maximum value of the Sequence Number field sent in previous Binding Updates to the CN.
In step 107, an attacker attempts a replay attack on the CN using CoA1 and the HoA of the MN, i.e., the previous location of the MN.
If the attacker requests a binding update to the CN using CoA1 and the HoA of the MN, the CN determines in step 109 whether the nonce (a random number) used for generating the previous binding management key for the MN is still valid. If the nonce is valid, the attacker can acquire the binding management key. In other words, the MN and the CN are vulnerable to a replay attack from the attacker.
As described above, when the attacker attacks using CoA1 and the HoA of the MN, if the nonce used for generating the binding management key is still valid, the attacker can initiate the replay attack. Accordingly, there exists a need for a method of preventing the replay attack.
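The following simulation is an added example and is not part of the patent text. It models the CN's binding cache with the four entry fields of FIG. 2 and plays the message sequence of FIG. 1 against two variants of the CN: the conventional one, which in step 109 only checks that the nonce behind the binding management key is still valid, and a variant that additionally compares the Sequence Number of each Binding Update with the stored Maximum Sequence Number. All class and function names, the nonce lifetime, and the IPv6 addresses are assumptions constructed for the illustration.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed model of a Mobile IPv6 correspondent node's binding cache and of
# the acceptance check it applies to Binding Update (BU) messages. Names and
# values below are assumptions for this illustration, not identifiers from the
# patent text.

NONCE_LIFETIME = 240  # seconds a CN nonce stays valid (assumed value)


@dataclass
class BindingEntry:
    """Binding cache entry with the four fields described for FIG. 2."""
    hoa: str        # Home Address of the MN
    coa: str        # current Care of Address
    lifetime: int   # valid duration of the binding, in seconds
    max_seq: int    # highest Sequence Number seen in previous BUs from this HoA


@dataclass
class BindingUpdate:
    """Fields of a BU that matter for the replay check modelled here."""
    hoa: str
    coa: str
    seq: int          # Sequence Number field of the BU
    nonce_index: int  # index of the CN nonce used to derive the binding management key
    lifetime: int


class CorrespondentNode:
    def __init__(self, check_sequence: bool) -> None:
        # check_sequence=False models the conventional CN of FIG. 1, which only
        # verifies that the nonce behind the binding management key is still valid.
        self.check_sequence = check_sequence
        self.cache: Dict[str, BindingEntry] = {}
        self.nonce_issued_at: Dict[int, int] = {}

    def issue_nonce(self, index: int, now: int) -> None:
        self.nonce_issued_at[index] = now

    def nonce_valid(self, index: int, now: int) -> bool:
        issued = self.nonce_issued_at.get(index)
        return issued is not None and now - issued < NONCE_LIFETIME

    def process_binding_update(self, bu: BindingUpdate, now: int) -> str:
        # Step 109 of FIG. 1: is the nonce used for the binding management key still valid?
        if not self.nonce_valid(bu.nonce_index, now):
            return "rejected: nonce expired"
        entry = self.cache.get(bu.hoa)
        # Hardened variant: a BU whose Sequence Number does not exceed the stored
        # Maximum Sequence Number repeats an earlier BU and is dropped.
        if self.check_sequence and entry is not None and bu.seq <= entry.max_seq:
            return "rejected: stale sequence number"
        self.cache[bu.hoa] = BindingEntry(bu.hoa, bu.coa, bu.lifetime, bu.seq)
        return "accepted"


def run_fig1_scenario(check_sequence: bool) -> Tuple[List[str], str]:
    """Play the message sequence of FIG. 1 against a CN.

    Returns the outcome of each BU and the CoA the CN ends up routing to.
    """
    cn = CorrespondentNode(check_sequence)
    cn.issue_nonce(index=7, now=0)
    hoa = "2001:db8:home::1"          # constructed addresses
    coa1, coa2 = "2001:db8:f00::1", "2001:db8:f01::1"
    bu1 = BindingUpdate(hoa, coa1, seq=1, nonce_index=7, lifetime=300)
    bu2 = BindingUpdate(hoa, coa2, seq=2, nonce_index=7, lifetime=300)
    outcomes = [
        cn.process_binding_update(bu1, now=10),   # step 101: register CoA1
        cn.process_binding_update(bu2, now=60),   # step 105: register CoA2 after handoff
        cn.process_binding_update(bu1, now=90),   # step 107: earlier BU for CoA1 replayed
    ]
    return outcomes, cn.cache[hoa].coa


if __name__ == "__main__":
    for hardened in (False, True):
        outcomes, coa = run_fig1_scenario(hardened)
        print("sequence check" if hardened else "nonce check only", outcomes, "->", coa)
```

With the nonce still within its lifetime, the conventional CN accepts the replayed Binding Update and its cache once again points at CoA1, which is the exposure the text describes; the variant that also enforces the Maximum Sequence Number rejects the third message and keeps CoA2. Expiring the nonce alone also blocks the replay, but only after NONCE_LIFETIME has elapsed, which is exactly the window the background section identifies.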