A Security Proxy Based Protocol for Authenticating the Mobile IPv6 Binding Updates

摘要

In this paper, we propose a security proxy based protocol for authenticating the binding updates in Mobile IP Version 6 environment, which combines the Deng-Zhou-Bao's protocol with Aura's two hash-based CGA scheme to avoid the use of trusted CAs. The two hash-based CGA scheme enables our protocol to achieve stronger security than other CGA-based protocols without a trusted CA, resulting in less cost of verifying the HA's public key than the one of the Deng-Zhou-Bao's protocol. The comparison of our protocol with other protocols such as the Deng-Zhou-Bao's protocol, CAM-DH and SUCV shows that our protocol can provide good performance and manageability in addition to stronger security than one hash-based CGA approaches.