A security analysis on Kempf-Koodli's security scheme for Fast Mobile IPv6

Ilsun You; Kouichi Sakurai; Yoshiaki Hori

doi:10.1587/transcom.E92.B.2287

A security analysis on Kempf-Koodli's security scheme for Fast Mobile IPv6

Ilsun You, Kouichi Sakurai, Yoshiaki Hori

Mathematical Informatics

Research output: Contribution to journal › Article › peer-review

4 Citations (Scopus)

Abstract

Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.

Original language	English
Pages (from-to)	2287-2290
Number of pages	4
Journal	IEICE Transactions on Communications
Volume	E92-B
Issue number	6
DOIs	https://doi.org/10.1587/transcom.E92.B.2287
Publication status	Published - Jun 2009

All Science Journal Classification (ASJC) codes

Software
Computer Networks and Communications
Electrical and Electronic Engineering

Access to Document

10.1587/transcom.E92.B.2287

Cite this

@article{031306cb6f4643f084b0f5d7edaa11bd,

title = "A security analysis on Kempf-Koodli's security scheme for Fast Mobile IPv6",

abstract = "Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.",

author = "Ilsun You and Kouichi Sakurai and Yoshiaki Hori",

year = "2009",

month = jun,

doi = "10.1587/transcom.E92.B.2287",

language = "English",

volume = "E92-B",

pages = "2287--2290",

journal = "IEICE Transactions on Communications",

issn = "0916-8516",

publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",

number = "6",

}

TY - JOUR

T1 - A security analysis on Kempf-Koodli's security scheme for Fast Mobile IPv6

AU - You, Ilsun

AU - Sakurai, Kouichi

AU - Hori, Yoshiaki

PY - 2009/6

Y1 - 2009/6

N2 - Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.

AB - Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.

UR - http://www.scopus.com/inward/record.url?scp=77950513844&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77950513844&partnerID=8YFLogxK

U2 - 10.1587/transcom.E92.B.2287

DO - 10.1587/transcom.E92.B.2287

M3 - Article

AN - SCOPUS:77950513844

SN - 0916-8516

VL - E92-B

SP - 2287

EP - 2290

JO - IEICE Transactions on Communications

JF - IEICE Transactions on Communications

IS - 6

ER -

A security analysis on Kempf-Koodli's security scheme for Fast Mobile IPv6

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this