Скачать презентацию A Secure Access System for Mobile IPv 6 Скачать презентацию A Secure Access System for Mobile IPv 6

88228a568d5400fd0f955a9b3c4ca4f8.ppt

  • Количество слайдов: 21

A Secure Access System for Mobile IPv 6 Network ZHANG Hong Aug 28, 2003 A Secure Access System for Mobile IPv 6 Network ZHANG Hong Aug 28, 2003 [email protected] net. cn

Introduction n n Background: Internet, Wireless, Mobile Communication is under very fast development A Introduction n n Background: Internet, Wireless, Mobile Communication is under very fast development A secure mobile IPv 6 network access system is highly needed for mobile IPv 6 deployment

Scenario Scenario

Current Status and Problem n Current methods and systems are still inadequate, including EAP, Current Status and Problem n Current methods and systems are still inadequate, including EAP, PANA, 802. 1 X, RADIUS, Diameter

Security Goals n n 1) The MN and the network access server could do Security Goals n n 1) The MN and the network access server could do mutual authentication, in case Manin-Middle Attack. 2) Inter-domain authentication/authorization must be accomplished to support roaming user. 3) No one including AAA servers in foreign domain could forge access request of MN. 4) Transport service for the MN should be protected and prevent attacker to steal the service after MN is authenticated.

Security Association Security Association

Overview n The secure access procedure for MN is comprised of three phases: - Overview n The secure access procedure for MN is comprised of three phases: - initial phase, - authentication- registration phase - termination phase.

Initial Phase n n When MN first enters a foreign network, it is in Initial Phase n n When MN first enters a foreign network, it is in this phase. The MN will get IPv 6 care-of-address by either stateful or stateless address auto-configuration. This system does not modify current IPv 6 address autoconfiguration protocols. MN sends a server-request packet to access servers with an IPv 6 site-local broadcast address. The servers receive the request and send answers. MN will choose one server and build secure channel with it by a TLS-alike way. This secure channel will protect further authentication and registration messages.

n n Message 1: Server Request : = MN’s request for a access server n n Message 1: Server Request : = MN’s request for a access server to deal with its access request Message 2: Server Reply : = Access Server’s reply Message 3: Ack : = MN’s acknowledge for one of the access servers. Message 4: {Server Cert, Challenge}Sig : = the chosen access server returns its certificate and a challenge, the whole message is signed by the access server.

Authentication- Registration Phase n In this phase, MN will send its NAI, identity credentials Authentication- Registration Phase n In this phase, MN will send its NAI, identity credentials to access server through the secure channel built in initial phase. Thus the user identity privacy is achieved by encryption. Authentication of MN may need AAAH if MN is in foreign domain, and AAAH will do binding update registration in HA for the MN. Authentication is accomplished by transferring EAP payload between MN and AAAH.

n n Message 1: E{NAI, Cha, N} : = MN’s NAI, Challenge (Cha) in n n Message 1: E{NAI, Cha, N} : = MN’s NAI, Challenge (Cha) in initial phase, Nonce (N) for message freshness, the whole message is encrypted using the access server’s public key Message 2: AMR 1 : = Auth-MN-Request message, this message contains NAI. AAAL will forward this message to MN’s AAAH Message 3: AMA 1 : = Auth-MN-Answer message, this message contains NAI, EAP-MD 5 challenge AVP Message 4: {EAP, N}sig : = access server sends the EAP-MD 5 challenge to MN. Nonce guarantees the message freshness. This message is signed

n n n Message 5: E{NAI, EAP, N, BU} : = MN sends NAI, n n n Message 5: E{NAI, EAP, N, BU} : = MN sends NAI, EAP-MD 5 response, nonce and binding update (BU) request to access server. Message 6: AMR 2 : = access server encapsulate NAI, EAP response in AVPs, BU and sends them to AAAL through AMR message Message 7: BUR : = Binding Update Request, AAAH sends binding update request to HA, and HA replies BUA(Binding Update Answer)

Termination Phase n MN sends termination request to the access server and the server Termination Phase n MN sends termination request to the access server and the server replies. In order to detect when MN has disconnected abnormally, the access server uses heartbeat detection mechanism by sending probe message periodically.

n n Message 1: E{Terminate Request, N} : = MN’s request to terminate access, n n Message 1: E{Terminate Request, N} : = MN’s request to terminate access, this message is encrypted by temp key Message 2: {Server Reply}sig : = Access server’s reply with signature

Logic Analysis ABBR. AS – Access Server Cert – Certificate Cha – Challenge N Logic Analysis ABBR. AS – Access Server Cert – Certificate Cha – Challenge N - Nonce n n n MN Receives Cert, Cha, { Cert, Cha }Sig MN Verifies Cert MN Believes PK Belongs to AS MN Believes AS Said Cha AS Receives {MN, Cha, N}Pk AS Believes Freshness(Cha)

n n n n AS Believes Freshness(MN, N) MN Receives EAP-Cha, N, {EAP-Cha, N}sig n n n n AS Believes Freshness(MN, N) MN Receives EAP-Cha, N, {EAP-Cha, N}sig MN Believes AS Said {EAP-Cha, N} MN Believes Freshness(N) MN Believes Freshness(EAP-Cha) AS Receives{EAP-Res, MN, N }pk AAAH Verifies EAP-Res AAAH Believes MN’s Identity

Comparison With Former Goals This system accomplishes all of them. n 1) The access Comparison With Former Goals This system accomplishes all of them. n 1) The access server is authenticated to MN by certificate. The MN is authenticated later by EAP methods. n 2) Inter-domain authentication/authorization is supported by AMR and AMA messages in Diameter protocol. n 3) No one could forge access request of MN and send it to AAA servers in home domain. n 4) Service theft attack is prevented by security association between MN and router.

Thanks !!! Thanks !!!