certificate-based binding update protocol (cbu) draft-qiu-mip6-certificated-binding-update-02.txt...

Post on 29-Jan-2016


Certificate-based Binding Update Protocol (CBU)

draft-qiu-mip6-certificated-binding-update-02.txt

Feng Bao

Robert Deng

Ying Qiu

Jianying Zhou

Institute for Infocomm Research (I2R)

Do we trust SSL?

• Of course.
• SSL is successful and efficient.

What are the features of SSL?

• Uses a strong cryptosystem
• Fewer certificates involved (only servers require certificates; the corresponding clients do not)

SSL Framework

[Figure: SSL framework. A Server (certificate distributed) and a Client (without certificate) are connected across the Internet by an SSL tunnel. Annotations: certificate signed by a CA, e.g. GlobalSign, MS SecureNet, VeriSign, …; embedded public certificates of CAs, i.e. GlobalSign, MS SecureNet, VeriSign, …. Fragment PKI: VeriSign over S1 … Si; MS over Sa … Sn; …]

SSL vs CBU

[Figure: the SSL framework (Server with certificate distributed, Internet, Client without certificate, SSL tunnel) shown with the CBU framework (HA, Internet, CN, MN). Annotations: certificate signed by a CA, e.g. GlobalSign, MS SecureNet, VeriSign, …; embedded public certificates of CAs, i.e. GlobalSign, MS SecureNet, VeriSign, …. Fragment PKI: VeriSign over S1 … Si; MS over Sa … Sn; …]

Design Consideration/Goal

• MN authenticates itself to CN & sets up a key for secure BU

• Employs PKC, secure against powerful intruder

• No PKC operations performed at MNs

• Issue certificate for home link, not MNs (i.e., public key binds with home link, not with individual IP address)

Protocol

HA is a security proxy for MN; it is transparent to CN.

EXCH0 contains HA's signature on HoA, g^x and a time stamp; it testifies that HoA belongs to HA and authenticates g^x to CN.

[Figure: message flow among MN, HA and CN. Message labels: REQ, COOKIE0, COOKIE1, EXCH0 (g^x), EXCH1 (g^y), REP, BU, BA, BC. Key: k = (g^x)^y. Legend: long term messages, short term messages.]

Benefits

• Strong cryptosystem
• Do not need the certificates of mobile devices
• Against session hijacking
• Against MN flooding
• More suitable for fast handover
• Reduce the computing and communication requirements on the mobile devices
• High overall performance
