A Security Analysis on Kempf-Koodli's Security Scheme for Fast Mobile IPv6

Ilsun YOU  Kouichi SAKURAI  Yoshiaki HORI  

IEICE TRANSACTIONS on Communications   Vol.E92-B   No.6   pp.2287-2290
Publication Date: 2009/06/01
Online ISSN: 1745-1345
DOI: 10.1587/transcom.E92.B.2287
Print ISSN: 0916-8516
Type of Manuscript: LETTER
Category: Internet
Fast Mobile IPv6 security,  SEND protocol,  CGA,  BAN-logic,  

Full Text: PDF(644.3KB)>>
Buy this Article

Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.