Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for protecting movable IP routing optimizing signaling, system, node and hometown proxy

A mobile node and IP routing technology, applied in the field of network communication, can solve communication attacks and other problems, and achieve the effect of security protection, simple technical solution and easy implementation

Inactive Publication Date: 2009-07-29
HUAWEI TECH CO LTD
View PDF0 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, if the BU message is not protected, the communication between the MN and the CN can be attacked through the forged BU message

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for protecting movable IP routing optimizing signaling, system, node and hometown proxy
  • Method for protecting movable IP routing optimizing signaling, system, node and hometown proxy
  • Method for protecting movable IP routing optimizing signaling, system, node and hometown proxy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0035] The embodiment of the present invention provides a method for protecting mobile IP routing optimization signaling. By protecting the confidentiality of the home secret generation token in the HoT message, the method can enable the mobile node to communicate with the home agent when IPSec is not supported. The security of routing optimization signaling between the home agent and the home agent is guaranteed, so that the routing optimization communication security of the mobile node can be protected. see Figure 4 , the concrete steps of the embodiment of the present invention are as follows:

[0036] Step 101: MN performs home registration, and establishes a shared key K with HA.

[0037] There may be one shared key between the MN and the HA, or multiple shared keys. In this embodiment, multiple shared keys are used as an example.

[0038] Step 102: The MN sends a HoTI message to the HA, the message includes an encrypted home initial cookie and a mobile SPI (Security P...

Embodiment 2

[0059] In Embodiment 1, the home secret generation token in the HoT message is encrypted and decrypted, so as to ensure the security of signaling between the HA and the MN. This embodiment is to encrypt and decrypt the home secret generated token, the home initial Cookie and the intermediate value generated by the random value in the HoT message. see Figure 5 , the specific steps of this embodiment are as follows:

[0060] Step 201: MN completes home registration, and establishes a shared key K with HA.

[0061] The specific steps are the same as step 101 in Embodiment 1, and will not be repeated here.

[0062] Step 202: the MN sends a HoTI message to the HA, the message includes the encrypted Home Initial Cookie and the mobile SPI.

[0063] The specific steps are the same as step 102 in Embodiment 1, and will not be repeated here.

[0064] Step 203: The HA receives the HoTI message, uses the shared key K to decrypt the home initial cookie according to the SPI in the mobi...

Embodiment 3

[0079] An embodiment of the present invention provides a system for protecting mobile IP routing optimization signaling, Figure 6 As shown, the system includes a token encryption module and a token decryption module. in,

[0080] The token encryption module is used to encrypt the hometown secret generation token, and sends the encrypted hometown secret generation token to the token decryption module;

[0081] The token decryption module is used to decrypt the encrypted hometown secret generation token to obtain the hometown secret generation token.

[0082] Further, the system also includes a Cookie encryption module and a Cookie decryption module:

[0083] The Cookie encryption module is used to encrypt the hometown initial Cookie according to the shared key or the derived key of the shared key, and send the encrypted hometown initial Cookie to the Cookie decryption module;

[0084] The cookie decryption module is used to decrypt the encrypted hometown initial cookie acco...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method, a system, a node and a home agent which are used for protecting mobile IP routing optimization signaling, and belongs to the field of network communication. The method comprises the following steps: the home agent encrypts a home secret generating token and contains the encrypted home secret generating token in a home test message which is sent to a mobile node; and the mobile node decrypts the home secret generating token from the home test message. The system comprises a token encrypting module and a token decrypting module. The node comprises a home test message receiving module and a token decrypting module. The home agent comprises a token encrypting module. The invention ensures the safety of the routing optimization signaling between the mobile node and the home agent by protecting the confidentiality of the home secret generating token.

Description

technical field [0001] The invention relates to the field of network communication, in particular to a method, system, node and home agent for protecting mobile IP routing optimization signaling. Background technique [0002] There are three basic network entities involved in the mobile IPv6 system: mobile node (Mobile Node, MN), correspondent node (Correspondent Node, CN) and home agent (Home Agent, HA). When the MN roams to a foreign network, it will generate a care-of address in a certain way, and notify the home agent of the care-of address through a binding update (Binding Update, BU) message. When the CN sends a message to the MN that leaves its hometown, the home agent will intercept the message sent to the home network of the mobile node and the mobile node, and then forward the message to the mobile node through the tunnel mode; when the MN sends a message to the CN, The message is sent to the home agent through the tunnel mode, and the home agent decapsulates the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/28
CPCH04W12/04H04W12/02H04L63/06H04W12/03H04W12/041
Inventor 李春强黄志钢
Owner HUAWEI TECH CO LTD