Threat Analysis on NEtwork MObility (NEMO)
NEMO (NEtworks in MOtion), currently being standardized under the IETF, addresses issues such as connectivity, reachability and session continuity for nodes in a mobile network (i.e., a whole network or subnet moving from one Internet attachment point to another). Although the current NEMO basic proposal is based on the Mobile IPv6 (MIPv6) standard, and therefore relies on MIPv6 security as well, and is relatively stable, in this paper we study the security issues related to the NEMO basic protocol as well as its operation. After carefully analyzing the related standard protocols (for example, MIPv6 and IPsec) and their integration under the NEMO framework, we present a list of interesting practical attacks against NEMO and their potential security damages. Finally, we examine two simple solutions to handle some of the attacks and describe their limitations.
Keywords: Mobile Node, Home Agent, Attack Scenario, Mobile Router, Binding Update