Network Working Group                                   David B. Johnson
INTERNET DRAFT                                Carnegie Mellon University
                                                            Andrew Myles
                                                    Macquarie University
                                                         Charles Perkins
                                                         IBM Corporation
                                                            22 July 1994

                     Route Optimization in Mobile IP

Abstract

This document specifies experimental extensions to the operation of the basic mobile IP protocol to allow for optimization of packet routing from a correspondent node to a mobile node. Without route optimization, packets destined to a mobile node are generally routed through that mobile node's home agent, which then tunnels each packet to the mobile node's current foreign agent. The protocol extensions described here provide a means for correspondent nodes (and optionally for intermediate routers) that implement these extensions to cache the location of a mobile node and to tunnel packets directly to that mobile node's foreign agent, bypassing the possibly lengthy route to and from the home agent.

These extensions require various nodes to be able to authenticate the location of a mobile node. A strong authentication mechanism is described that requires either manual key distribution or a key distribution protocol to be available. In addition, a simple authentication mechanism is described that provides adequate security if certain assumptions can be made about the trustworthiness of the network infrastructure.

Status of This Memo

This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts.

Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as "working drafts" or "work in progress".
Johnson, Myles, Perkins          Expires 22 January 1995          [Page i]

Internet Draft           Route Optimization in Mobile IP      22 July 1994

Please check the lid-abstracts.txt listing contained in the internet-drafts Shadow Directories on nic.ddn.mil, nnsc.nsf.net, nic.nordu.net, ftp.nisc.sri.com, or munnari.oz.au to learn the current status of an Internet Draft.

Contents

   Abstract
   Status of This Memo
   1. Introduction
   2. Infrastructure
      2.1. The Basic Mobile IP Protocol
      2.2. Cache Agents
      2.3. Authenticated Visitor List Entries
   3. Forwarding Rules
   4. Route Optimization Management Messages
      4.1. Authenticator Extension
      4.2. Binding Advice Message
      4.3. Binding Inquire Message
      4.4. Binding Update Message
      4.5. Binding Acknowledge Message
   5. Route Optimization Procedures
      5.1. Previous Foreign Agent List
      5.2. Notifying Previous Foreign Agents
      5.3. Notifying Incorrect Cache Agents
      5.4. Obtaining a Mobile Node Binding
   6. Binding Authentication
      6.1. Introduction
      6.2. Strong Authentication
         6.2.1. Authenticating a Visitor List Entry
         6.2.2. Previous Foreign Agent Authentication
      6.3. Simple Authentication
         6.3.1. General Authentication Procedure
         6.3.2. Authenticating a Visitor List Entry
         6.3.3. Previous Foreign Agent Authentication
      6.4. Simple and Strong Authentication Interoperability
      6.5. Authentication Weaknesses
   References
   Authors' Addresses

1. Introduction

The basic mobile IP protocol [?] allows a mobile node to move about within the Internet while continuing to use its home address. Correspondent nodes sending packets to a mobile node address them to the mobile node's home address in the same manner as packets sent to any other IP node. Each mobile node is served by a "home agent" on its home network and by a "foreign agent" on the network it is currently visiting. Packets addressed to the mobile node's home address are routed by the normal IP routing algorithms to the mobile node's home network, where, if the mobile node is "away from home", they are intercepted by the mobile node's home agent. The home agent then tunnels each packet to the mobile node's current foreign agent, which finally delivers the packet locally to the mobile node. Packets sent by a mobile node use the foreign agent as a default router but require no other special handling or routing.

This scheme allows transparent interoperation with mobile nodes, but by forcing all packets for a mobile node to be routed through its home agent, this basic protocol will often lead to routing that is significantly less than optimal. For example, if a mobile node, say MN1, is visiting some subnet, even packets from a correspondent node on this same subnet must be routed through the Internet to MN1's home agent on MN1's home network, only to then be tunneled back to the original subnet to MN1's foreign agent for delivery to MN1. This suboptimal routing can significantly delay the delivery of the packet to MN1 and places an unnecessary burden on the networks and routers along this path through the Internet.
If the correspondent node in this example is actually another mobile node, say MN2, then packets from MN1 to MN2 must likewise be routed through MN2's home agent on MN2's home network and back to the original subnet for delivery to MN2. This suboptimal routing is obviously undesirable.

This document specifies experimental extensions to the basic mobile IP protocol to allow for the optimization of packet routing from a correspondent node to a mobile node. These extensions provide a means for nodes that implement these extensions to cache the location of a mobile node and to tunnel packets directly to that mobile node's foreign agent, bypassing the possibly lengthy route to and from that mobile node's home agent.

Route optimization requires nodes to be able to authenticate the location of a mobile node when they learn it, in order to guard against a variety of spoofing attacks. These extensions are intended to operate with a wide variety of authentication mechanisms. A strong authentication mechanism is described that requires either manual key distribution or a key distribution protocol to be available. In addition, a simple authentication mechanism is described that provides adequate security if certain assumptions can be made about the trustworthiness of the network infrastructure.

2. Infrastructure

2.1. The Basic Mobile IP Protocol

The basic mobile IP protocol [TBD] defines three functional entities: the mobile node, the foreign agent, and the home agent. This section gives a brief overview of their definitions and the protocol interactions that take place between them.

A "mobile node" is the node that may move through the IP internetwork. Each mobile node is assigned a constant IP address on a home network, which is known as the mobile node's home address. Correspondent nodes always address packets destined for a mobile node to its home address.

When a mobile node connects to a network other than its home network, it identifies and registers with a "foreign agent", which it also uses as a default router for packets that it sends. The foreign agent, during the registration process, provides the mobile node with a "care-of address", which defines the mobile node's current location. The combination of the mobile node's home address and care-of address is known as a "binding". A binding also contains a "timestamp" that originates from the mobile node and is incremented at least each time the mobile node attempts to register or re-register with a foreign agent. The timestamp may be used to compare the relative age of bindings for a mobile node. Each foreign agent maintains a "visitor list" identifying those mobile nodes that are currently registered with this foreign agent.

Each mobile node must also have a "home agent", which is attached to the mobile node's home network. The home agent maintains a "home list" identifying all mobile nodes it is configured to serve. When a mobile node registers with a new foreign agent, it must also register with its home agent. While the mobile node is away from its home network and is registered with some care-of address, the home agent arranges to intercept any packets addressed to the mobile node. When the home agent intercepts such a packet, it tunnels the packet to the mobile node's current care-of address. When a foreign agent receives a tunneled packet addressed to a mobile node in its visitor list, it delivers the packet locally to the mobile node.
Each visitor list entry stored by a foreign agent, and the binding stored by a home agent for each mobile node in its home list, is marked to be deleted after a "lifetime" period negotiated during the registration process. If a mobile node does not reregister with its foreign agent within this lifetime, the foreign agent deletes the entry for this mobile node from its visitor list. If a mobile node does not reregister with its home agent within this lifetime, the home agent deletes this binding for the mobile node from its home list and assumes that the mobile node is connected to its home network.

2.2. Cache Agents

The basic mobile IP protocol utilizes home agents and foreign agents to support the routing of packets to a mobile node. The route optimization extensions described here introduce a third type of agent, called a "cache agent", to improve this routing. A "cache agent" may cache the binding of one or more mobile nodes in a "location cache", and subsequently tunnels any packets it receives or originates that are addressed to one of these mobile nodes directly to the foreign agent recorded in the cached binding.

A cache agent may create a location cache entry for a mobile node only when it has received and authenticated the mobile node's binding. Likewise, a cache agent may update an existing location cache entry for a mobile node, such as after the mobile node has moved to a new foreign agent, only when the cache agent has received and authenticated the mobile node's new binding. The procedures for authenticating a binding are described in Section 6.

Cache agents learn the binding of a mobile node, or learn that a new binding is needed, through the receipt of a Binding Update message referring to that mobile node.
Nodes supporting these route optimization extensions may send a Binding Update message about a mobile node to another node only when it appears that a binding update is needed by the other node. The procedures for sending and receiving binding updates are described in Section 5.

Any node functioning as a home agent effectively also functions as a cache agent, at least for the mobile nodes in its home list. Beyond this, any node may function as a cache agent, but is not required to do so. It is expected that most mobile nodes, foreign agents, and home agents will also function as cache agents. Some routers may also function as cache agents. Optimal routing of packets from a correspondent node can be achieved if the correspondent node is also functioning as a cache agent. A router functioning as a cache agent can provide routing assistance for packets that it forwards from correspondent nodes that do not implement the mobile IP route optimization extensions. For example, a network of nodes that do not implement route optimization could be supported by a common first-hop router that functions as a cache agent.

A location cache at a cache agent will, by necessity, have a finite size; with the exception that a home agent must function as a cache agent for the mobile nodes that it serves, all entries in a location cache may be managed by the cache agent using any local cache replacement policy, such as LRU. Each location cache entry may be marked to be deleted after a period of time specified by the node providing the binding. A cache agent may attempt to reconfirm an entry in its location cache before the entry expires, thus extending the location cache entry's timeout period. Such active reconfirmation is appropriate when it is likely that the entry will be used again in the near future, and the cache agent wants to ensure uninterrupted service to the mobile node.

If a foreign agent is notified that a mobile node it serves has moved, it may use the binding included with the notification, subject to authentication constraints, to establish a location cache entry for the mobile node, assuming that the foreign agent is also capable of functioning as a cache agent.

2.3. Authenticated Visitor List Entries

In the basic mobile IP protocol, if a packet for a mobile node is tunneled to a foreign agent, the foreign agent may deliver the packet locally to the mobile node if the foreign agent has a visitor list entry for that mobile node. If a foreign agent is also functioning as a router for forwarding normal IP traffic, non-tunneled IP packets addressed to a mobile node for which the foreign agent has a visitor list entry might arrive at that foreign agent for IP forwarding. The basic mobile IP protocol allows such a foreign agent to forward the packet using only normal IP routing, preventing it from delivering the packet locally to the mobile node. Route optimization modifies this behavior by permitting such a foreign agent to deliver the (non-tunneled) packet locally as long as the visitor list entry for that mobile node is marked as "authenticated".

Each visitor list entry is marked as either "authenticated" or "unauthenticated". A visitor list entry may be marked as authenticated only after confirming the identity of the mobile node using the authentication mechanisms defined in Section 6. After a timeout period, a visitor list entry reverts to being marked as unauthenticated unless the identity of the mobile node is reconfirmed.

When a visitor list entry for some mobile node is marked as unauthenticated, the foreign agent behaves the same with respect to this mobile node as in the basic mobile IP protocol. The foreign agent may only deliver arriving packets to this mobile node if they are tunneled to the foreign agent. When a visitor list entry is marked as authenticated, it may be used to forward any arriving packet for the mobile node, whether tunneled or not.

3. Forwarding Rules

In general, a node uses whatever location cache, visitor list, home list, and normal IP routing table information it has available to forward packets, with a small number of restrictions. If none of the rules below apply to a particular packet, then normal IP forwarding rules are followed.

The forwarding rules make use of what is known as a "special tunnel", in which a packet is tunneled with the destination of the tunnel equal to the destination of the packet. A special tunnel packet may only be forwarded using normal IP routing mechanisms, thus ensuring that it reaches the home network of the destination node. A special tunnel may be used to force a packet to be routed to a mobile node's home agent, when the mobile node is not registered at home, since the packet will be intercepted by the home agent once it reaches the mobile node's home network.

The following three rules apply to all nodes using route optimization, and allow for the delivery of packets addressed to these nodes and for the decapsulation of tunneled packets:

- If a node receives a tunneled packet and the destination of the tunnel is one of the node's own addresses, then the node decapsulates the packet and continues processing the packet according to the remaining forwarding rules.

- If a node receives a packet and the destination of the packet is one of the node's own addresses, then the node passes the packet to higher layer protocols for processing.
A home agent will generally have a current authenticated binding for all the mobile nodes in its home list, either in its location cache or in a visitor list. This property helps define the forwarding rules for a home agent when dealing with packets addressed to the mobile nodes in its home list. The following forwarding rules apply to packets received by a home agent:

- If a home agent receives a special tunnel packet addressed to a mobile node in its home list, then the home agent decapsulates the packet and continues processing the packet according to the remaining forwarding rules.

- If a home agent receives a packet addressed to a mobile node in its home list, and the packet is a route optimization management packet with its Routing (R) bit set, then the home agent passes the packet to higher layer protocols for processing.

- If a home agent receives a packet addressed to a mobile node in its home list and the home agent has a visitor list entry for the mobile node, then the home agent delivers the packet locally to the interface indicated by the visitor list entry.

- If a home agent receives a packet addressed to a mobile node in its home list and the home agent has a location cache entry for the mobile node, then the home agent tunnels the packet to the care-of address indicated in the location cache entry, subject to the restriction in the following rule.

- A home agent must never tunnel a packet to a foreign agent if the packet was just tunneled to the home agent from that same foreign agent. This rule avoids looping between a home agent and a foreign agent that no longer thinks it serves some mobile node. The home agent may discard or buffer the packet in these circumstances.

- If a home agent receives a packet addressed to a mobile node in its home list and this home agent does not have a location cache entry or a visitor list entry for the destination mobile node, the home agent either discards or buffers the packet.

Foreign agents and cache agents use forwarding rules that are similar to those used by a home agent. The differences from the rules used by a home agent are primarily due to the fact that a foreign agent or a cache agent might not have an authenticated binding for the mobile node, if that agent is not also the home agent serving that mobile node. The following forwarding rules apply to packets received by a foreign agent or a cache agent:

- If a foreign agent or cache agent receives a route optimization management packet with its Routing (R) bit set, then that node routes the packet normally, without using any location cache or visitor list information.

- If a foreign agent receives a tunneled packet and the foreign agent has an entry in its visitor list for the packet's destination after decapsulating the packet, then the foreign agent delivers the packet locally to the interface indicated by the visitor list entry.

- If a foreign agent receives a packet and the foreign agent has an authenticated visitor list entry for the packet's destination, then the foreign agent delivers the packet locally to the interface indicated by the visitor list entry.

- If a cache agent receives a packet and the cache agent has a location cache entry for the packet's destination, then the cache agent tunnels the packet to the care-of address indicated in the location cache entry.
- If a cache agent or a foreign agent receives a tunneled packet and the cache agent or foreign agent is unable to forward the packet using the above rules after decapsulating the packet, then the cache agent or foreign agent tunnels the packet to the mobile node's home network using a special tunnel.

4. Route Optimization Management Messages

Route optimization defines four message types used for management of location cache entries and visitor list entries. Each of these messages begins with the following two fields in the first octet, indicating the routing and type of the message:

     0 1 2 3 4 5 6 7
    +-+-+-+-+-+-+-+-+
    |R|    Type     |
    +-+-+-+-+-+-+-+-+

Routing (R)
   If the Routing (R) bit is set, the message may be forwarded using normal IP routing mechanisms only. Visitor list entries and location cache entries must not be used in routing the message. If the Routing (R) bit is clear, the message may be routed using visitor list entries and location cache entries in addition to normal IP routing mechanisms. This bit is used to force management messages addressed to a mobile node's home address to be routed to the mobile node's home network; when the mobile node is away from its home network, such messages will be intercepted by the mobile node's home agent for processing on behalf of the mobile node.

Type
   The type of the message, indicating which operation is being performed. The following Type codes are defined in this document:

      0x30 = Binding Advice message
      0x31 = Binding Inquire message
      0x32 = Binding Update message
      0x33 = Binding Acknowledge message

4.1. Authenticator Extension

The following packet formats use the extension format as defined by the basic mobile IP protocol and repeated below.
     0                   1                   2
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
    |     Type      |    Length     |  Data ...
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

In the case of simple authentication the Extension Type is 0xXX. The Extension Length depends on the size of the random numbers used, but it must be at least 4.

4.2. Binding Advice Message

A Binding Advice message is used to advise another node that it should obtain a new authenticated binding for a specified mobile node. It may be sent after forwarding a message to a mobile node from a source that appears not to have a current binding for that mobile node.

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |R|    Type     |A|                   Reserved                  |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                         Home Address                          |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Routing (R)
   0

Type
   0x30

Acknowledge (A)
   The Acknowledge (A) bit is set if the node sending the Binding Advice message would like the node receiving it to send a Binding Acknowledge message acknowledging its receipt.

Reserved
   Sent as 0; ignored on reception.

Home Address
   The Home Address field contains the home address of the mobile node to which the Binding Advice message refers.

4.3. Binding Inquire Message

A Binding Inquire message is used to request the binding stored by some node for a specified mobile node. It may be sent after receiving a Binding Advice message, or when updating a currently stored location cache entry.
     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |R|    Type     |                    Reserved                   |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                         Home Address                          |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    ~                    Authenticator Extension                    ~
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Routing (R)
   The Routing (R) bit may be set or cleared.

Type
   0x31

Reserved
   Sent as 0; ignored on reception.

Home Address
   The Home Address field contains the home address of the mobile node to which the Binding Inquire refers.

Authenticator Extension
   The Authenticator Extension field contains information that depends on the authentication mechanisms in use. In the case of strong authentication using MD5, the Authenticator Extension field contains an MD5 checksum that covers all the fields before the Authenticator Extension field, in addition to a shared secret. In the case of simple authentication, the Authenticator Extension field contains a random number, chosen by the sender. Only replies containing the same value in the Authenticator Extension field are considered to be authenticated.

4.4. Binding Update Message

The Binding Update message is used to notify another node of a mobile node's binding. It may be sent in response to a Binding Inquire message, after forwarding a message to a mobile node from a source that appears not to have a current binding for that mobile node, or when notifying a mobile node's previous foreign agent that the mobile node has moved.
     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |R|    Type     |A|P|                  Reserved                 |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                         Home Address                          |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                           Timestamp                           |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                         Agent Address                         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                           Lifetime                            |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    ~                    Authenticator Extension                    ~
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Routing (R)
   0

Type
   0x32

Acknowledge (A)
   The Acknowledge (A) bit is set if the node sending the Binding Update message requires the node receiving it to send a Binding Acknowledge message acknowledging that action.

Private (P)
   The Private (P) bit is set if the mobile node's binding must be kept private and may not be advertised other than to the mobile node's home agent and current foreign agent; otherwise the binding may be advertised as requested.

Reserved
   Sent as 0; ignored on reception.

Home Address
   The Home Address field contains the home address of the mobile node to which the Binding Update message refers.

Timestamp
   The Timestamp field contains the timestamp of the binding for the mobile node whose address is in the Home Address field.

Agent Address
   The Agent Address field contains the current care-of address of the mobile node as recorded by the node sending the Binding Update message.

Lifetime
   The Lifetime field contains the maximum time, in seconds, that the binding should be maintained if the Binding Update message is authenticated.

Authenticator Extension
   The Authenticator Extension field contains information that depends on the authentication mechanisms in use. In the case of simple authentication, the Authenticator Extension field usually contains a random number that was negotiated with a previous foreign agent by a mobile node. In the case of strong authentication using MD5, the Authenticator Extension field contains an MD5 checksum that covers all the fields before the Authenticator Extension field, in addition to a shared secret.

4.5. Binding Acknowledge Message

A Binding Acknowledge message is used to acknowledge receipt of a Binding Advice message or Binding Update message, when this message has the Acknowledge (A) bit set.

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |R|    Type     |                    Reserved                   |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                         Home Address                          |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                           Timestamp                           |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    ~                    Authenticator Extension                    ~
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Routing (R)
   0

Type
   0x33

Reserved
   Sent as 0; ignored on reception.

Home Address
   The Home Address field contains the home address of the mobile node to which the Binding Acknowledge message refers.

Timestamp
   The Timestamp field contains the timestamp of the binding being acknowledged.

Authenticator Extension
   The Authenticator Extension field contains information that depends on the authentication mechanisms in use. In the case of simple authentication, the Authenticator Extension field contains the same value as the corresponding Binding Update message.
   In the case of strong authentication using MD5, the Authenticator Extension field contains an MD5 checksum that covers all the fields before the Authenticator Extension field, in addition to a shared secret.

5. Route Optimization Procedures

5.1. Previous Foreign Agent List

A mobile node must maintain a "previous foreign agent list" containing the care-of address offered by any previous foreign agents with which it has registered or attempted to register and which may possibly still consider the mobile node to be registered with it. This allows the mobile node to arrange for the notification of these foreign agents when it moves. Otherwise, there is a danger that packets will be mis-delivered or lost for up to the timeout of the registration with the previous foreign agent.

When a mobile node sends a Registration Inquire message to a foreign agent, it must create an entry for the foreign agent in its previous foreign agent list. The entry includes the Care-of Address offered by the foreign agent, and the Foreign Agent Lifetime value sent in the message. There is no need to create an entry when the previous foreign agent is also the mobile node's home agent. In the case of simple authentication, the entry also includes a random number that the mobile node sends the foreign agent as part of a simple authentication extension field. This value acts as a one-time authenticator.

When a mobile node receives a Registration Reply message from a foreign agent indicating that the foreign agent has accepted its registration, the mobile node must update the new entry in its previous foreign agent list to reflect the Foreign Agent Lifetime value chosen by the foreign agent. The mobile node may also delete any old entries for the foreign agent in the previous foreign agent list.
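The Binding Update and Binding Acknowledge wire formats of Sections 4.4 and 4.5, with the strong (MD5 over the preceding fields plus a shared secret) authenticator of Section 4.1, as an added Python example; this is not code from the draft. The draft does not assign an Extension Type for the authenticator ("0xXX"), so the value 0x01 below is an assumption, and the shared secret and addresses in the usage are constructed.

```python
import hashlib
import hmac
import socket
import struct

# Message Type codes from Section 4; the R bit is the top bit of the first octet.
TYPE_BINDING_ADVICE = 0x30
TYPE_BINDING_INQUIRE = 0x31
TYPE_BINDING_UPDATE = 0x32
TYPE_BINDING_ACKNOWLEDGE = 0x33

# Extension Type for the authenticator: left as 0xXX in the draft, so this is an
# assumption made for the example only.
EXT_TYPE_AUTHENTICATOR = 0x01

# Fixed-length part of each message (everything before the Authenticator Extension).
BU_FIXED = "!BBH4sI4sI"   # R|Type, A|P|Reserved, Reserved, Home Addr, Timestamp, Agent Addr, Lifetime
ACK_FIXED = "!B3x4sI"     # R|Type, 24-bit Reserved, Home Addr, Timestamp


def first_octet(routing, msg_type):
    """Pack the R bit (bit 0 on the wire, i.e. the most significant bit) and the 7-bit Type."""
    return ((1 if routing else 0) << 7) | (msg_type & 0x7F)


def split_first_octet(octet):
    return bool(octet & 0x80), octet & 0x7F


def md5_authenticator(fixed_fields, secret):
    """Strong authentication: MD5 over all fields preceding the Authenticator
    Extension, followed by the shared secret."""
    return hashlib.md5(fixed_fields + secret).digest()


def authenticator_extension(fixed_fields, secret):
    # Type | Length | Data, the extension layout of Section 4.1
    digest = md5_authenticator(fixed_fields, secret)
    return struct.pack("!BB", EXT_TYPE_AUTHENTICATOR, len(digest)) + digest


def encode_binding_update(home, timestamp, agent, lifetime, secret,
                          acknowledge=True, private=False):
    # Second octet: A in bit 8 and P in bit 9 of the first word; the rest is Reserved, sent as 0.
    flags = (0x80 if acknowledge else 0) | (0x40 if private else 0)
    fixed = struct.pack(BU_FIXED, first_octet(False, TYPE_BINDING_UPDATE), flags, 0,
                        socket.inet_aton(home), timestamp, socket.inet_aton(agent), lifetime)
    return fixed + authenticator_extension(fixed, secret)


def encode_binding_acknowledge(home, timestamp, secret):
    fixed = struct.pack(ACK_FIXED, first_octet(False, TYPE_BINDING_ACKNOWLEDGE),
                        socket.inet_aton(home), timestamp)
    return fixed + authenticator_extension(fixed, secret)


def verify_extension(fixed, ext, secret):
    """Check the extension's Type/Length and recompute MD5(fixed fields + secret).
    The constant-time comparison avoids leaking where the digests differ."""
    if len(ext) < 2:
        raise ValueError("authenticator extension missing")
    ext_type, ext_len = struct.unpack("!BB", ext[:2])
    if ext_type != EXT_TYPE_AUTHENTICATOR or ext_len != 16 or len(ext) < 2 + ext_len:
        raise ValueError("malformed authenticator extension")
    if not hmac.compare_digest(ext[2:2 + ext_len], md5_authenticator(fixed, secret)):
        raise ValueError("authenticator mismatch: wrong secret or modified message")


def decode_binding_update(packet, secret):
    """Parse a Binding Update and verify it under strong authentication; raises ValueError on failure."""
    size = struct.calcsize(BU_FIXED)
    fixed, ext = packet[:size], packet[size:]
    octet0, flags, _reserved, home, ts, agent, lifetime = struct.unpack(BU_FIXED, fixed)
    routing, msg_type = split_first_octet(octet0)
    if routing or msg_type != TYPE_BINDING_UPDATE:
        raise ValueError("not a Binding Update (expects R=0, Type 0x32)")
    verify_extension(fixed, ext, secret)
    return {"acknowledge": bool(flags & 0x80), "private": bool(flags & 0x40),
            "home_address": socket.inet_ntoa(home), "timestamp": ts,
            "agent_address": socket.inet_ntoa(agent), "lifetime": lifetime}


def decode_binding_acknowledge(packet, secret):
    size = struct.calcsize(ACK_FIXED)
    fixed, ext = packet[:size], packet[size:]
    octet0, home, ts = struct.unpack(ACK_FIXED, fixed)
    routing, msg_type = split_first_octet(octet0)
    if routing or msg_type != TYPE_BINDING_ACKNOWLEDGE:
        raise ValueError("not a Binding Acknowledge (expects R=0, Type 0x33)")
    verify_extension(fixed, ext, secret)
    return {"home_address": socket.inet_ntoa(home), "timestamp": ts}


if __name__ == "__main__":
    # Constructed values: a mobile node at home address 10.0.0.5 now at care-of 192.0.2.1.
    secret = b"example-shared-secret"
    update = encode_binding_update("10.0.0.5", 42, "192.0.2.1", 300, secret, private=True)
    print(decode_binding_update(update, secret))
    ack = encode_binding_acknowledge("10.0.0.5", 42, secret)
    print(decode_binding_acknowledge(ack, secret))
```

Flipping any byte of the fixed fields, or using a different secret, makes `decode_binding_update` raise, which is the property the MD5 authenticator is there to provide.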
In the case of simple authentication, the mobile node authenticates the Registration Reply message by ensuring that the message contains the same random number in a simple authentication extension field. An entry in the previous foreign agent list may also be deleted when the mobile node receives a Binding Acknowledge message from the foreign agent indicating that the foreign agent has received a Binding Update message from the mobile node or its new Foreign Agent (see section 6.2.2). Johnson, Myles, Perkins Expires 22 January 1995 [Page 19] Internet Draft Route Optimization in Mobile IP 22 July 1994 Finally, an entry can be removed from the previous foreign agent list after the mobile node can be sure of the expiration of the Foreign Agent Lifetime period. Generally, the previous foreign agent list will have only one or two entries, unless communication or node failures have prevented the mobile node notifying previous foreign agents, or if the mobile node has been moving very quickly. Johnson, Myles, Perkins Expires 22 January 1995 [Page 20] Internet Draft Route Optimization in Mobile IP 22 July 1994 5.2. Notifying Previous Foreign Agents After a mobile node has registered with a new foreign agent it may notify the foreign agents on its previous foreign agent list. The notification is acknowledged. Any retransmission of the notification occurs using a back-off mechanism. Alternatively, the mobile node may have requested that its new foreign agent (via an extension to the Registration Reply message) must notify the previous foreign agent. The new foreign agent will never retry its retransmission of the notification. The Binding Update message is sent to the previous foreign agents using the care-of address in the previous foreign agent list as its destination contains the following fields: Private (P) bit The Private (P) bit is either set if the mobile node wants to keep its binding private and to disallow advertising this binding to other nodes. 
   Otherwise, it is cleared.

Acknowledge (A) bit
   The Acknowledge (A) bit is set to require an acknowledgement.

Home Address
   The Home Address field contains the mobile node's home address.

Timestamp
   The Timestamp field contains the mobile node's current Timestamp.

Agent Address
   If the mobile node wants to reveal its new binding to the previous foreign agent, the Agent Address field contains the care-of address provided by the mobile node's current foreign agent. Otherwise, the Agent Address field contains the mobile node's home address.

Lifetime
   If the mobile node wants to reveal its new binding to the previous foreign agent, the Lifetime field contains the maximum time, in seconds, that the previous foreign agent may keep this binding without reconfirming it. Otherwise, the Lifetime field is set to zero.

Authenticator Extension
   The Authenticator Extension contains information that allows the previous foreign agent to authenticate the Binding Update message. In the case of simple authentication, the Authenticator Extension field contains the random number the mobile node provided to the foreign agent when it registered.

When a foreign agent receives a Binding Update message with the Acknowledge (A) bit set, the foreign agent first ensures that it has a visitor list entry for the mobile node specified in the Home Address field. In the case of simple authentication, the foreign agent also ensures that the value in the Authenticator Extension field is the same as that stored with the visitor list entry. In the case of strong authentication, the foreign agent ensures that the Binding Update message really came from the mobile node, using the Authenticator Extension field and any keys to which it has access.
Assuming that the message is authenticated, the visitor list entry is deleted if the Timestamp field has a greater value than the timestamp stored with the visitor list entry or if the visitor list entry is marked as unauthenticated.

If the foreign agent also functions as a cache agent and the deleted visitor list entry was marked as authenticated, then a location cache entry may be created that indicates that the mobile node is now registered with the foreign agent specified in the Agent Address field. This entry should be marked to time out after the minimum of the Lifetime specified in the Binding Update message and the time remaining before the authentication of the visitor list entry would have expired. However, if the Agent Address field in the Binding Update message is equal to the mobile node's home address, indicating that the mobile node is at home, then no location cache entry is created. The value of the Timestamp field and the Private (P) bit in the Binding Update message should also be stored in any location cache entry that is created.

Finally, the foreign agent must send a Binding Acknowledge message to the mobile node to acknowledge receipt of the Binding Update message. This acknowledgement is sent even when the foreign agent does not accept the Binding Update message because it is not authenticated. The Binding Acknowledge message contains the following fields:

Home Address
   The Home Address field contains the same value as the Home Address field in the Binding Update message.

Timestamp
   The Timestamp field contains the same value as the Timestamp field in the Binding Update message.

Authenticator Extension
   The Authenticator Extension contains information that allows the mobile node to authenticate the Binding Acknowledge message. In the case of simple authentication, it contains the same value as that in the Binding Update message.
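The following is an added example (not code from the draft or its authors) that models the section 5.1 previous foreign agent list on the mobile node together with the section 5.2 Binding Update / Binding Acknowledge rules on the previous foreign agent, under simple authentication. Both sides of the exchange are shown: the one-time random number chosen at registration, the timestamp comparison, the location cache lifetime bounded by the remaining authentication of the deleted visitor list entry, and the acknowledgement that is returned even when the update is rejected. The message layouts, the integer-second clock, the addresses and the lifetimes are constructed assumptions; the draft specifies none of them.

```python
"""Simple-authentication Binding Update / Binding Acknowledge exchange (5.1, 5.2).
Added example, not the draft's code; message layouts, the integer-second clock,
lifetimes and addresses are constructed assumptions."""
import secrets
from dataclasses import dataclass

HOME = "10.0.0.5"        # constructed: mobile node home address
FA_OLD = "192.0.2.1"     # constructed: previous foreign agent care-of address
FA_NEW = "198.51.100.1"  # constructed: new foreign agent care-of address

@dataclass
class BindingUpdate:
    home_address: str
    timestamp: int
    agent_address: str    # current care-of address, or home address to hide it
    lifetime: int         # seconds the binding may be kept; 0 when hidden
    authenticator: bytes  # simple auth: the random number sent at registration
    private: bool = False

@dataclass
class BindingAck:
    home_address: str
    timestamp: int
    authenticator: bytes  # echoed from the Binding Update

@dataclass
class VisitorEntry:
    authenticator: bytes
    timestamp: int
    authenticated: bool  # new entries start unauthenticated (section 5.4)
    auth_expires: int

class MobileNode:
    def __init__(self, home_address):
        self.home_address, self.timestamp = home_address, 0
        self.previous_fas = {}  # care-of -> (one-time authenticator, lifetime expiry)

    def register(self, care_of, lifetime, now):
        """Pick a fresh random number and list the agent before registering."""
        self.timestamp += 1
        nonce = secrets.token_bytes(8)
        self.previous_fas[care_of] = (nonce, now + lifetime)
        return nonce, self.timestamp

    def binding_update(self, previous_care_of, current_care_of, lifetime, reveal=True):
        nonce, _ = self.previous_fas[previous_care_of]
        return BindingUpdate(self.home_address, self.timestamp,
                             current_care_of if reveal else self.home_address,
                             lifetime if reveal else 0, nonce)

    def receive_ack(self, ack, from_care_of):
        """Drop the list entry only when the ack echoes our authenticator."""
        entry = self.previous_fas.get(from_care_of)
        if entry is None or not secrets.compare_digest(ack.authenticator, entry[0]):
            return False
        del self.previous_fas[from_care_of]
        return True

class ForeignAgent:  # modelled as also being a cache agent
    def __init__(self):
        self.visitors = {}        # home address -> VisitorEntry
        self.location_cache = {}  # home address -> (agent, timestamp, private, expires)

    def accept_registration(self, home, nonce, timestamp, now, auth_lifetime=None):
        """auth_lifetime set: the entry was authenticated via the section 5.4 procedure."""
        self.visitors[home] = VisitorEntry(nonce, timestamp, auth_lifetime is not None,
                                           now + (auth_lifetime or 0))

    def receive_binding_update(self, bu, now):
        """Section 5.2 receiver rules; an ack is returned even on failure."""
        ack = BindingAck(bu.home_address, bu.timestamp, bu.authenticator)
        entry = self.visitors.get(bu.home_address)
        if entry is None or not secrets.compare_digest(bu.authenticator, entry.authenticator):
            return ack  # no entry or wrong random number: state unchanged
        if bu.timestamp > entry.timestamp or not entry.authenticated:
            del self.visitors[bu.home_address]
            if entry.authenticated and bu.agent_address != bu.home_address:
                # cache lifetime is bounded by the deleted entry's remaining authentication
                ttl = min(bu.lifetime, entry.auth_expires - now)
                self.location_cache[bu.home_address] = (
                    bu.agent_address, bu.timestamp, bu.private, now + ttl)
        return ack

def run_scenario():
    """Node at FA_OLD (authenticated until t=300) moves to FA_NEW at t=100 and notifies FA_OLD."""
    mn, fa_old = MobileNode(HOME), ForeignAgent()
    nonce, ts = mn.register(FA_OLD, lifetime=600, now=0)
    fa_old.accept_registration(HOME, nonce, ts, now=0, auth_lifetime=300)
    mn.register(FA_NEW, lifetime=600, now=100)
    forged = BindingUpdate(HOME, 99, "203.0.113.7", 600, secrets.token_bytes(8))
    fa_old.receive_binding_update(forged, now=100)  # wrong random number: ignored
    forgery_rejected = HOME in fa_old.visitors
    ack = fa_old.receive_binding_update(mn.binding_update(FA_OLD, FA_NEW, 600), now=100)
    return {"forgery_rejected": forgery_rejected,
            "visitor_deleted": HOME not in fa_old.visitors,
            "cache_expires": fa_old.location_cache[HOME][3],  # 100 + min(600, 200)
            "ack_accepted": mn.receive_ack(ack, FA_OLD),
            "remaining": sorted(mn.previous_fas)}
```

The authenticator comparison uses a constant-time compare so that a wrong random number does not leak how many leading bytes matched. Because the location cache entry inherits the shorter of the advertised Lifetime and the old entry's remaining authentication, a compromised one-time authenticator can misroute packets only for the window the draft describes in section 6.3.3.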
When a mobile node receives a Binding Acknowledge message, it must first authenticate the message. Assuming that the message is authenticated, the mobile node may delete the corresponding entry in the previous foreign agent list. In the case of simple authentication, authentication requires the mobile node to confirm that the Authenticator Extension field contains the same value as the corresponding Binding Update message.

5.3. Notifying Incorrect Cache Agents

The philosophy of route optimization is to distribute bindings to other nodes only as they are required. Generally, this means that only when a node determines that another node might be holding an incorrect binding for a mobile node should the first node send it a notification advising the second node to acquire a current binding. The two exceptions to this philosophy are that a mobile node or its new foreign agent usually attempts to notify the mobile node's previous foreign agents that the mobile node has moved, and a mobile node always notifies its home agent that it has moved.

In terms of the forwarding rules defined in Section 3, a cache agent should send a Binding Advice or Binding Update message to the source of any packet received that the cache agent subsequently tunnels using a location cache entry. Similarly, a cache agent or a foreign agent should send a notification to the source of any tunnel that is addressed to the node if it is unable to forward the packet except by using a special tunnel. In both cases, the source of the packet or tunneled packet has either an incorrect binding or no binding cached for the mobile node.

The Binding Advice message has the following fields:

Acknowledge (A)
   The Acknowledge (A) bit is cleared.

Home Address
   The Home Address field is set to the home address of the mobile node that the message refers to.
The Binding (B) bit may be set and a binding included if the node receiving the Binding Update message might be able to authenticate the source of the message and trusts it to provide the binding of the mobile node specified in the Home Address field. In this case the Agent Address, Timestamp, Lifetime and Authenticator Extension fields are also filled in.

Any node that does not implement route optimization will ignore any Binding Update message that it receives. Even those nodes that do implement route optimization may be limited in the number of bindings that they can cache or the speed with which they can process notifications. Therefore, a node must use a back-off algorithm to reduce the frequency of Binding Update messages it sends to another node concerning the binding of a particular mobile node when it appears that the other node is ignoring the Binding Update messages.

5.4. Obtaining a Mobile Node Binding

When a foreign agent registers a mobile node and creates a new visitor list entry, the visitor list entry must be marked as unauthenticated. The foreign agent can only mark the visitor list entry as authenticated when it obtains an authenticated binding for the mobile node that indicates the foreign agent is serving the mobile node. The foreign agent may attempt to authenticate a visitor list entry immediately, or it may wait until it would have used the visitor list entry had it been authenticated. In many configurations, there is no benefit in authenticating visitor list entries.

A cache agent may attempt to create a location cache entry for a mobile node at any time. However, typically it will do so after receiving a Binding Update message.
A router acting as a cache agent may also decide to create a location cache entry after snooping on a Binding Update message addressed to another node. If the message is unauthenticated or the cache agent does not trust the source, the cache agent needs a way of obtaining an authenticated binding for the mobile node it refers to.

In both cases, authentication is achieved by sending the mobile node's home agent a Binding Inquire message containing a request for the mobile node's binding. The Binding Inquire message is answered by a Binding Update message, which provides an authenticated binding for the mobile node.

The binding authentication must be timed out after a period specified in the Binding Update message. In the case of a location cache entry, the entry must be deleted if the authentication times out. In the case of a visitor list entry, the entry must be marked as unauthenticated if the authentication times out. Authentication timeouts may be avoided by obtaining a new binding before the timeout occurs.

The Binding Inquire message may be addressed to the mobile node, with the Routing (R) bit set so that the message is routed to the mobile node's home network, where it will be processed either by the mobile node or by its home agent. If the node sending the Binding Inquire message knows the address of the mobile node's home agent, then the Binding Inquire message may be addressed to the home agent with the Routing (R) bit cleared. The home agent address must have been obtained from a trusted source. A Binding Inquire message may also be sent to any other node to find out if that node has an authenticated binding for a mobile node.

A node must limit the frequency of Binding Inquire messages that it transmits, in order to avoid flooding the network. The maximum frequency is a configuration parameter.
If it appears that the Binding Inquire messages are being ignored, the node should reduce the rate of their transmission.

The Binding Inquire message used to obtain an authenticated binding for a mobile node contains the following fields:

Routing (R)
   The Routing (R) bit is set when the Binding Inquire message is addressed to the mobile node in the Home Address field. Otherwise, it is cleared.

Home Address
   The Home Address field contains the home address of the mobile node for which a binding is requested.

Authenticator Extension
   The Authenticator Extension contains information that allows the various authentication procedures to be carried out. In the case of simple authentication, the Authenticator Extension field contains a random number chosen by the node sending the message. In the case of strong authentication, the Authenticator Extension field may contain information allowing the destination of the message to authenticate the source of the message.

When a Binding Inquire message is received, a node may attempt to authenticate the source of the message. In the case of strong authentication the information in the Authenticator Extension field may be used. If the source is unacceptable, the node may either ignore the message or reply indicating that the mobile node is connected to its home network.

Assuming the source is acceptable, the node replies to the source of the message with a Binding Update message containing the mobile node's binding. If the binding is marked as Private or a binding for the mobile node is not known, the binding returned indicates that the mobile node is connected to its home network. The Binding Update message then contains the following fields:

Private (P)
   The Private (P) bit is set if the binding is to remain private and may not be advertised to other nodes.
Home Address
   The Home Address field contains the same value as the Home Address field in the Binding Inquire message.

Timestamp
   The Timestamp field contains the mobile node's current Timestamp, if known. Otherwise, it contains 0.

Agent Address
   If the node wants to reveal the mobile node's binding, the Agent Address field contains the mobile node's care-of address. Otherwise, the Agent Address field contains the mobile node's home address.

Lifetime
   If the node wants to reveal the mobile node's binding, the Lifetime field contains the maximum time, in seconds, that the binding is valid. Otherwise, the Lifetime field is set to zero.

Authenticator Extension
   The Authenticator Extension contains information that allows the destination agent to authenticate the Binding Update message. In the case of simple authentication, it contains the random number that was in the Binding Inquire message.

When a node receives a Binding Update message, it first attempts to authenticate the source of the message. In the case of simple authentication, the node checks that the random number in the Authenticator Extension field is the same as that sent in a corresponding Binding Inquire message. In the case of strong authentication, the node ensures that the Binding Update message really came from the claimed source, using any Authenticator Extension field and any keys to which it has access.

If the original Binding Inquire message was sent to a mobile node or its home agent, then a binding in the Binding Update message may be used to update a visitor list entry for the mobile node referred to in the message as follows:

- If the visitor list entry is unauthenticated and the binding indicates that another node serves the mobile node as a foreign agent, then the binding is ignored.
- If the visitor list entry is authenticated, the binding indicates that another node serves the mobile node as a foreign agent, and the Timestamp in the Binding Update message is greater than that stored with the visitor list entry, then the visitor list entry is deleted.

- If the visitor list entry is unauthenticated and the binding indicates that this foreign agent serves the mobile node, then the visitor list entry is marked as authenticated and the Timestamp in the Binding Update message is stored with the visitor list entry. The authentication expires after the period in the Lifetime field.

- If the visitor list entry is authenticated, the binding indicates that this foreign agent serves the mobile node, and the Timestamp in the Binding Update message is greater than or equal to that stored with the visitor list entry, then the visitor list entry is marked as authenticated and the Timestamp in the Binding Update message is stored with the visitor list entry. The authentication expires after the period in the Lifetime field.

If the original Binding Inquire message was sent to a mobile node or its home agent, then a binding in the Binding Update message may be used to update a location cache entry for the mobile node referred to in the message as follows:

- If the Timestamp field in the Binding Update message is greater than or equal to that stored with a location cache entry for the mobile node, the location cache entry is deleted. If the Agent Address field is not equal to the Home Address field and the Agent Address field does not indicate that the node receiving the reply serves the mobile node as a foreign agent, a new location cache entry is created that indicates that the foreign agent specified in the Agent Address field serves the mobile node. This entry is marked to time out after the period specified in the Lifetime field.
- If the cache agent does not have a location cache entry for the mobile node, the Agent Address field is not equal to the Home Address field, and the Agent Address field does not indicate that the node receiving the reply serves the mobile node as a foreign agent, then the cache agent creates a location cache entry that indicates that the foreign agent specified in the Agent Address field serves the mobile node. This entry is marked to time out after the period specified in the Lifetime field.

6. Binding Authentication

6.1. Introduction

There are a number of protocol interactions in route optimization that are required to be authenticated in addition to those required for basic mobile IP. They are:

- A cache agent must be able to obtain an authenticated binding for a mobile node so that it can create a location cache entry for the mobile node.

- A foreign agent must be able to obtain an authenticated binding for a mobile node so that it can mark a visitor list entry as authenticated (as long as the binding indicates that the foreign agent defines the current location of the mobile node).

- A foreign agent must be able to authenticate a notification from a mobile node which claims that it has moved, so that the foreign agent can delete the visitor list entry it has for the mobile node and optionally create a location cache entry if the foreign agent is also a cache agent.

- A mobile node must also be able to authenticate an acknowledgement to such a notification from a previous foreign agent.

The following sections describe two authentication mechanisms used to achieve the above goals, along with their interoperation. The first mechanism is based on the use of cryptographically strong signatures.
The main difficulty with such mechanisms is that they require a key distribution infrastructure that does not generally exist on the Internet yet. Due to patent and international export restrictions, the required infrastructure may not become available for some time. Furthermore, such procedures based on a generalized key distribution scheme are likely to be slow, with a subsequent impact on performance transparency to the user. The alternative to a key distribution infrastructure is manual key distribution, which is even more unattractive except in very specialized environments.

The second mechanism is called "simple authentication" and provides a level of security that is at least as good as that provided by the Internet today. It utilizes a challenge and response mechanism using one-time passwords to maximize the level of security provided without a full key distribution infrastructure.

The fundamental assumption of the simple authentication mechanisms is that the Internet routing infrastructure may be trusted to route packets, without modification, to their destination, and that malicious nodes not connected to the normal routing path of a packet can do nothing to cause themselves to be put in that path. While it is recognized that, realistically, this assumption may not hold in all environments, it is one that is present in many protocols in today's Internet and is accepted by many users. It is also an assumption that holds in networks owned by a single organization, such as CDPD or intra-company networks.

6.2. Strong Authentication

General Authentication Procedure

A cache agent may attempt to acquire a mobile node's binding at any time.
Typically, a cache agent will do so when it discovers it may have an incorrect binding for a mobile node after it receives a Binding Advice or Binding Update message from another cache agent.

If the Binding Update message contains a binding and a signature from the mobile node, the mobile node's home agent or some other trusted source, then the binding may be used to update a location cache entry for the mobile node in the cache agent. The binding is valid only for the period indicated in the Binding Update message.

In other cases, the Binding Advice message may be used as a trigger to start a process to obtain an up-to-date binding for the mobile node. To do so, the cache agent sends a Binding Inquire message to the mobile node's home agent. The home agent includes authentication in the Binding Update message it sends in response. Assuming that the cache agent determines the authentication is acceptable, the cache agent may use the binding to update its location cache entry for the mobile node. The binding is valid only for the period indicated in the Binding Update message. In some circumstances, the home agent may require the source of the Binding Inquire message to also be authenticated, as the home agent may want to restrict the distribution of a mobile node's binding to particular cache agents.

The processes described above require a cache agent to obtain the address of the mobile node's home agent and the home agent's key from either a trusted source or from manually distributed configuration and key files. It may also require a home agent to obtain the key used by the cache agent.

6.2.1. Authenticating a Visitor List Entry

A foreign agent may attempt to authenticate a visitor list entry at any time. Typically, it will do so if it discovers it would be able to forward packets directly to the mobile node if the visitor list entry were authenticated.

A foreign agent may authenticate a visitor list entry by using the general authentication procedure described above.
It uses this procedure to prove that the mobile node that it has registered is also registered by the mobile node's home agent with a binding that indicates the foreign agent.

6.2.2. Previous Foreign Agent Authentication

When a mobile node moves it is important that its previous foreign agent is reliably notified, so that the previous foreign agent can delete its visitor list entry for the mobile node. If the foreign agent is also a cache agent then it may also create a location cache entry for the mobile node.

The notification to the previous foreign agent is sent in a Binding Update message. The message includes a binding and a signature from the mobile node. If the previous foreign agent determines that the signature is acceptable, it may use the binding to delete its visitor list entry for the mobile node. In the case that the foreign agent is also a cache agent and the binding indicates the mobile node is not at home, it may also create a location cache entry for the mobile node that is valid for the period indicated in the Binding Update message.

The previous foreign agent must also send a Binding Acknowledgement message to the mobile node acknowledging the receipt of the Binding Update message. A flag in the Binding Update message indicates the need for a Binding Acknowledgement message. The Binding Acknowledgement message must contain a signature so that the mobile node can ensure the message came from the previous foreign agent.

The processes described above require a mobile node to obtain the key used by its previous foreign agent and the previous foreign agent to obtain a key for the mobile node. It is desirable that these keys are obtained before the mobile node moves so that the notification to the previous foreign agent can be quickly completed.
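As an added example (not code from the draft or its authors), the following shows the strong-authentication form of the previous foreign agent notification described in this section: the mobile node authenticates its Binding Update with a key shared with the previous foreign agent, and the previous foreign agent authenticates its Binding Acknowledgement with its own key. Section 4.5 states only that the MD5 Authenticator covers every field before the extension plus a shared secret; the byte layout used here (secret, covered fields, secret), the fixed field encoding, the field offsets and the keys are all constructed assumptions.

```python
"""Strong authentication of the previous foreign agent notification (section 6.2.2).
Added example, not the draft's code.  The MD5-over-(secret, fields, secret) layout,
the field encoding and the keys are constructed assumptions."""
import hashlib
import hmac
import ipaddress
import struct

# constructed keys: one shared by the mobile node and its previous foreign agent
# for the Binding Update, one used by the foreign agent for the acknowledgement
KEY_MN = b"mobile-node-key-constructed"
KEY_FA = b"foreign-agent-key-constructed"

BU_LEN = 1 + 4 + 4 + 4 + 4  # flags, home, timestamp, agent, lifetime (covered bytes)
ACK_LEN = 4 + 4             # home, timestamp


def _ip(addr):
    return ipaddress.IPv4Address(addr).packed


def encode_binding_update(private, home, timestamp, agent, lifetime):
    """Fixed encoding (assumed) of the fields that precede the Authenticator Extension."""
    flags = 0x80 if private else 0
    return (struct.pack("!B", flags) + _ip(home) + struct.pack("!I", timestamp)
            + _ip(agent) + struct.pack("!I", lifetime))


def authenticator(secret, covered):
    """MD5 over secret || covered fields || secret, as the draft's 4.5 text allows."""
    return hashlib.md5(secret + covered + secret).digest()


def sign(secret, covered):
    """Append the 16-byte authenticator to the covered fields."""
    return covered + authenticator(secret, covered)


def verify(secret, message, covered_len):
    """Recompute the authenticator over the covered prefix; constant-time compare."""
    covered, tag = message[:covered_len], message[covered_len:]
    if len(tag) != 16:
        return False
    return hmac.compare_digest(tag, authenticator(secret, covered))


def exchange(tamper=False):
    """Mobile node signs a Binding Update; the previous foreign agent verifies it
    and answers with a signed acknowledgement.  With tamper=True the care-of
    address is altered in flight (constructed addresses throughout)."""
    bu = sign(KEY_MN, encode_binding_update(False, "10.0.0.5", 7, "198.51.100.1", 600))
    if tamper:
        bu = bu[:9] + _ip("203.0.113.7") + bu[13:]  # agent address occupies bytes 9..12
    if not verify(KEY_MN, bu, BU_LEN):
        return "binding update rejected"
    home, ts = bu[1:5], bu[5:9]  # ack echoes Home Address and Timestamp
    ack = sign(KEY_FA, home + ts)
    return "ack verified" if verify(KEY_FA, ack, ACK_LEN) else "ack rejected"
```

The comparison is done with hmac.compare_digest so that verification time does not depend on how many bytes of a wrong authenticator match. The secret-prefix-and-suffix MD5 construction is what the draft's wording allows; a current implementation of the same idea would use HMAC (RFC 2104) with a modern hash, which keeps the same sign/verify interface.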
It is possible for the mobile node to request, during registration with a new Foreign Agent, that the new Foreign Agent transmit the Binding Update to the previous Foreign Agent, instead of requiring that the Mobile Host send the Binding Update in a separate message. This has the advantage that fewer messages are sent over the (possibly slow) wireless medium. Moreover, the new Foreign Agent may not be willing to forward any other messages from the Mobile Node until the Home Agent sends back a Registration Reply message for the Mobile Node, so the previous Foreign Agent would then lose packets for the Mobile Host (unless layer-2 mechanisms are in place) even with perfect physical coverage. Having the new Foreign Agent deliver a Binding Update solves all these problems. This requires the establishment of a new Extension to the Registration Request message, and one new status code for the Registration Reply. Note that, due to the presumed proximity of the previous Foreign Agents, in nearly all cases the Binding Acknowledgement from the previous Foreign Agent will arrive before the Registration Reply.

6.3. Simple Authentication

6.3.1. General Authentication Procedure

It is assumed in the simple authentication scheme that the only two nodes that might have a shared secret are a mobile node and its home agent. Thus, when a cache agent receives a Binding Update message or decides for some other reason that it needs a binding for a mobile node, it will generally have to use a simple authentication challenge-response mechanism to acquire an authenticated binding for the mobile node indicated in the message.

To acquire an authenticated binding for a mobile node, a cache agent sends a Binding Inquire message addressed to the mobile node.
It also sets the Routing (R) bit in the message to tell intermediate cache agents not to redirect the packet using any location cache entry they might have for the mobile node. The result is that the packet is always routed either to the mobile node (if the mobile node is registered with a foreign agent that is also its home agent) or to the mobile node's home agent (otherwise). The Routing (R) bit tells the mobile node's home agent to process the Binding Inquire message on its behalf. If the cache agent happens to know the address of the mobile node's home agent, it may send the Binding Inquire message to the home agent directly with the Routing (R) bit cleared. In either case, the Binding Inquire message contains a random number, chosen by the cache agent, in its authenticator field.

When the mobile node or its home agent receives the packet, it responds with a Binding Update message containing the same random number in its authenticator field and the mobile node's binding. If the node sending the Binding Update message does not know the mobile node's binding, or does not want to reveal it, then the binding indicates that the mobile node is at home.

When the cache agent receives the Binding Update message it ensures that the authenticator field corresponds to an outstanding Binding Inquire message and then uses the binding to update its location cache. The binding is valid only for the period indicated in the Binding Update message.

The use of a one-time disclosing authenticator implicitly trusts intermediate nodes not to intercept the message containing the authenticator and forge a response.

6.3.2. Authenticating a Visitor List Entry

A foreign agent may authenticate a visitor list entry by using the general authentication procedure described above. This is analogous to the use of the general authentication procedure in the strong authentication case.

6.3.3. Previous Foreign Agent Authentication

Under the simple authentication mechanism, a mobile node chooses a random number as an authenticator, which it passes to a foreign agent when it registers with the foreign agent. The foreign agent then stores the authenticator with its visitor list entry for the mobile node. When the mobile node wants to notify a previous foreign agent that it has moved, it includes the authenticator in the Binding Update message it sends to the previous foreign agent, or in an extension to the Registration Request during registration with the new Foreign Agent. The previous foreign agent authenticates the message by ensuring that the received authenticator matches the one stored with the visitor list entry for the mobile node.

The previous foreign agent should then delete the visitor list entry it holds for the mobile node. If the previous foreign agent is also a cache agent it may also create a location cache entry for the mobile node. However, it should only do so if the visitor list entry was authenticated, and it should mark the location cache entry to be timed out after a period no longer than the minimum of the time left before the authentication expires and the period specified in the Binding Update message. In the case that the authenticator is compromised, this limits the network's exposure to the misrouting of packets. The previous foreign agent is free to use the mechanisms described above to reauthenticate the location cache entry before it expires.

Finally, the previous foreign agent should always, regardless of whether the Binding Update message was authenticated, send a Binding Acknowledge message to the mobile node containing the same authenticator as in the Binding Update message. The receipt of the Binding Acknowledge message by the mobile node with the correct authenticator allows it to ensure that the previous foreign agent received the notification.
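The Binding Inquire / Binding Update challenge-response of section 6.3.1, together with the cache-agent side of section 5.4 (matching the reply's random number against an outstanding inquiry, the location cache update rules, the Private binding answered as "at home", and the rate limiting with back-off when inquiries go unanswered), as an added example that is not code from the draft or its authors. The message layouts, the home agent's binding table, the addresses, the clock and the rate-limit parameters are constructed assumptions; the check that the Agent Address does not name the receiving node itself is modelled as a plain address comparison.

```python
"""Binding Inquire / Binding Update challenge-response under simple authentication.
Added example for the cache-agent side of section 5.4 (nonce matching, location
cache rules, inquiry rate limiting) and the general procedure of section 6.3.1.
Not the draft's code; layouts, addresses, clock and back-off values are assumptions."""
import secrets
from dataclasses import dataclass

HOME = "10.0.0.5"            # constructed: mobile node home address
CARE_OF = "192.0.2.1"        # constructed: foreign agent care-of address
CACHE_AGENT = "203.0.113.9"  # constructed: address of the inquiring cache agent

@dataclass
class BindingInquire:
    home_address: str
    nonce: bytes   # random number carried in the Authenticator Extension
    routing: bool  # R bit: addressed to the mobile node rather than its home agent

@dataclass
class BindingUpdate:
    home_address: str
    timestamp: int
    agent_address: str  # care-of address, or home address when hidden or unknown
    lifetime: int
    nonce: bytes        # echoes the inquiry's random number
    private: bool = False

class HomeAgent:
    def __init__(self):
        self.bindings = {}  # home -> (care_of, timestamp, lifetime, private)

    def register(self, home, care_of, timestamp, lifetime, private=False):
        self.bindings[home] = (care_of, timestamp, lifetime, private)

    def receive_inquire(self, inq):
        """Answer with the binding, or 'at home' when unknown or marked Private."""
        b = self.bindings.get(inq.home_address)
        if b is None:
            return BindingUpdate(inq.home_address, 0, inq.home_address, 0, inq.nonce)
        care_of, ts, lifetime, private = b
        if private:
            return BindingUpdate(inq.home_address, ts, inq.home_address, 0, inq.nonce, True)
        return BindingUpdate(inq.home_address, ts, care_of, lifetime, inq.nonce)

class CacheAgent:
    MIN_INTERVAL, MAX_INTERVAL = 1.0, 64.0  # constructed rate-limit parameters (seconds)

    def __init__(self, address):
        self.address = address
        self.pending = {}         # nonce -> home address of the outstanding inquiry
        self.location_cache = {}  # home -> (agent, timestamp, expires)
        self.next_allowed = {}    # home -> (earliest send time, current interval)

    def inquire(self, home, now, home_agent_known=False):
        """Rate-limited inquiry; the interval doubles while replies fail to arrive."""
        earliest, interval = self.next_allowed.get(home, (0.0, self.MIN_INTERVAL))
        if now < earliest:
            return None
        self.next_allowed[home] = (now + interval, min(interval * 2, self.MAX_INTERVAL))
        nonce = secrets.token_bytes(8)
        self.pending[nonce] = home
        return BindingInquire(home, nonce, routing=not home_agent_known)

    def receive_update(self, bu, now):
        """Accept only a reply whose nonce matches an outstanding inquiry for that
        mobile node, then apply the section 5.4 location cache rules."""
        if self.pending.pop(bu.nonce, None) != bu.home_address:
            return False
        self.next_allowed[bu.home_address] = (now, self.MIN_INTERVAL)  # reply seen: reset
        self.location_cache = {h: e for h, e in self.location_cache.items() if e[2] > now}
        cached = self.location_cache.get(bu.home_address)
        if cached is not None and bu.timestamp >= cached[1]:
            del self.location_cache[bu.home_address]
            cached = None
        # no entry for an 'at home' binding or one naming this node as foreign agent
        if cached is None and bu.agent_address not in (bu.home_address, self.address):
            self.location_cache[bu.home_address] = (
                bu.agent_address, bu.timestamp, now + bu.lifetime)
        return True

def run_scenario():
    """Cache agent learns HOME's binding from its home agent, then sees it go Private."""
    ha, ca = HomeAgent(), CacheAgent(CACHE_AGENT)
    ha.register(HOME, CARE_OF, timestamp=3, lifetime=120)
    inq = ca.inquire(HOME, now=0.0)
    throttled = ca.inquire(HOME, now=0.5) is None  # too soon after the first inquiry
    forged = BindingUpdate(HOME, 9, "198.51.100.7", 600, secrets.token_bytes(8))
    forged_ok = ca.receive_update(forged, now=1.0)  # unknown nonce: rejected
    ok = ca.receive_update(ha.receive_inquire(inq), now=1.0)
    agent, _, expires = ca.location_cache[HOME]
    ha.register(HOME, CARE_OF, timestamp=3, lifetime=120, private=True)
    ca.receive_update(ha.receive_inquire(ca.inquire(HOME, now=2.0)), now=2.0)
    return {"throttled": throttled, "forged_ok": forged_ok, "ok": ok, "agent": agent,
            "expires": expires, "after_private": HOME in ca.location_cache}
```

A Binding Update whose random number does not match a pending inquiry for the same home address is dropped before any cache state is touched, which is the only protection the simple scheme offers against unsolicited or replayed updates; as the draft notes, it rests on intermediate nodes not reading the inquiry and forging the reply. The back-off resets as soon as a genuine reply arrives, so a well-behaved home agent is not penalised by an earlier unanswered burst.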
6.4. Simple and Strong Authentication Interoperability

It is important that any simple authentication mechanism, already in existence when strong authentication mechanisms are introduced, does not compromise the security of these new mechanisms. For example, if a particular new mobile node wants other nodes to strongly authenticate its binding before use, and yet other nodes are willing to use the less secure simple authentication mechanisms, then there is an opportunity for malicious nodes to compromise the new mobile node's security. As always, an authentication mechanism is only as strong as its weakest link.

This problem may be avoided by specifying that a node may only allow a mobile node's binding to be authenticated using the simple authentication mechanisms if the node knows, by whatever means, that the mobile node accepts this arrangement. The default case is thus strong authentication. Unfortunately, this emphasis reduces the convenience of the simple authentication mechanisms, as the means of knowing that a mobile node accepts the simple authentication mechanism will usually be manual. However, it does allow cooperating users the possibility of obtaining near-optimal routing until key distribution schemes become widely deployed.

6.5. Authentication Weaknesses

Both the strong and simple authentication mechanisms are open to attack in certain circumstances. The most obvious attack is through a misuse of ARP on a local network. However, this is a problem that exists today with fixed nodes. One way around this problem is for the foreign agent to authenticate the identity of the mobile node during the registration process and to use the MAC source address sent with the registration request.
This can be achieved either by the foreign agent authenticating a signature sent by the mobile node during registration, or by the foreign agent authenticating the signature in the reply from the mobile node's known home agent that approves the registration.

Another problem occurs if a mobile node does not notify a previous foreign agent that it has moved. In this case, packets will be delivered to the local network after the mobile node has moved, where they may be intercepted. The maximum period of time for which this situation may continue to occur is limited by the period of time that bindings in other cache agents are valid and the time for which the visitor list entry is authenticated.

If the foreign agent allows the existence of an unauthenticated visitor list entry, then a malicious mobile node can register with a foreign agent after a mobile node has moved. Any packets tunneled by cache agents to the foreign agent will be delivered to the malicious mobile node. Once again, the maximum period of time during which this situation may continue to occur is limited by the period during which bindings in other cache agents remain valid.

Authors' Addresses

David B. Johnson
School of Computer Science
Carnegie Mellon University
5000 Forbes Avenue
Pittsburgh, PA 15213-3891
Work: +1-412-268-7399
Fax: +1-412-681-5739
E-mail: dbj@cs.cmu.edu

Andrew Myles
Electronics Department
Macquarie University
2109 Sydney, Australia
Work: +61-2-8059071
Home: +61-2-8786060
Fax: +61-2-8059128
E-mail: andrewm@mpce.mq.edu.au

Charles Perkins
Room J1-A25
T. J. Watson Research Center
IBM Corporation
P. O. Box 218
Yorktown Heights, NY 10598
Work: +1-914-789-7350
Fax: +1-914-784-7007
E-mail: perk@watson.ibm.com