OPTIMIZED DERIVATION OF HANDOVER KEYS IN MOBILE IPV6

摘要

The invention consists of an optimized protocol for deriving handover keys to authenticate communication between an access terminal and an access router during a fast handoff protocol. An encryption public key generated using a private key for the access terminal and the access router is transmitted, each public key derived using the private key in an encryption algorithm. The public key for the access terminal is transmitted encapsulated in a binding update message that is received by the access router. The access router uses the received access terminal public key and its private key to generate a shared authentication key. The access router transmits its public key encapsulated in a message to the access terminal, which uses its private key and the access router public key to generate the shared authentication key. The shared authentication key is then used to authenticate communication between the access terminal and the access router. The messages transmitting the public keys are also secured using a security association for the routing links between the access terminal and the access router. The messages transmitting the keys are control messages used in the handover protocol and do not impose any additional messaging overhead to establish the authenticated communication link.