Hello. Sign In
Standards Store


2008 Edition, June 1, 2008

Complete Document

Distributing a Symmetric Fast Mobile IPv6 (FMIPv6) Handover Key Using SEcure Neighbor Discovery (SEND)

Detail Summary

Active, Most Current

Additional Comments:
Price (USD)
Single User
In Stock
PDF + Print
In Stock
$42.00 You save 30%
Add to Cart

Product Details:

  • Revision: 2008 Edition, June 1, 2008
  • Published Date: June 2008
  • Status: Active, Most Current
  • Document Language: English
  • Published By: Internet Engineering Task Force (IETF)
  • Page Count: 14
  • ANSI Approved: No
  • DoD Adopted: No

Description / Abstract:

Fast Mobile IPv6 requires that a Fast Binding Update is secured using a security association shared between an Access Router and a Mobile Node in order to avoid certain attacks. In this document, a method for provisioning a shared key from the Access Router to the Mobile Node is defined to protect this signaling. The Mobile Node generates a public/private key pair using the same public key algorithm as for SEND (RFC 3971). The Mobile Node sends the public key to the Access Router. The Access Router encrypts a shared handover key using the public key and sends it back to the Mobile Node. The Mobile Node decrypts the shared handover key using the matching private key, and the handover key is then available for generating an authenticator on a Fast Binding Update. The Mobile Node and Access Router use the Router Solicitation for Proxy Advertisement and Proxy Router Advertisement from Fast Mobile IPv6 for the key exchange. The key exchange messages are required to have SEND security; that is, the source address is a Cryptographically Generated Address (CGA) and the messages are signed using the CGA private key of the sending node. This allows the Access Router, prior to providing the shared handover key, to verify the authorization of the Mobile Node to claim the address so that the previous care-of CGA in the Fast Binding Update can act as the name of the key.