Method for establishing security association and method for secure fast handover in Proxy Mobile IP

Various modification of the present invention refers to various embodiment thereby, the cold air flows that can apply which may have bar, specific drawing illustrated in the embodiment are defined in the description are disclosed and. rapidly and to reduce a memory. However, the present invention with a particular embodiment of the physical shape not defined to be, included within the scope of the present invention all changing a concept and techniques, including replacement water and equalization should understood. Each drawing while describes similar references in a similar was to use components.

Number 1, number 2, A, a set of terms, such as B describes various elements which may be used; however, said components are said terms is don't is defined by. Said terms are components of one an object from other components is carried out by using an acidulous only. For example, rights of the present invention without a wireless type through a wire number 1 number 2 component can be designated components, similarly number 2 number 1 component elements can be designated. And/or a substrate having a number of associated term of items combination or plurality of associated a substrate of items includes which item.

To other components is any component "is connected" know "is connected" when-mentioned that, that different structural elements thereof connected directly to or may be is connected, intermediate the other components may be present that. to be understood. While, to other components is any component "is directly connected with the" know "are directly connected" when-mentioned that, intermediate the other components there is no will should be understood.

The present application only a term use in a particular embodiment used to describe the thereby, the cold air flows are added, is not intending to be defining the present invention. Contextually representation a plurality of differently it is apparent that without the carelessly, includes multiple representations. In the present application, "comprising" or "having ." a set of terms, such as a specification to the features, number, step, operation, components, component or a combination of these is designates the feature to which is present does, number to execute another aspect of one or more, step, operation, components, component or a combination of these existence of a without excluding the possibility or additionally pre should understood.

Other is not defined, technical or scientific for a term including to the all terms are person with skill in the art in the present invention is in the field of the upwardly urged by equivalent to those that would have been understood have the meanings of wet liquid to flow down. Generally are defined as the dictionary used for, such as terms are on wherein the nodes refining the context of related techniques consistent semantics and having having the meanings must be interpreted to, the present application, become manifest in a do not define, excessively or is ideal for the widest sense of the formal does not interpreted.

Hereinafter, the present invention according to a preferred embodiment by issuing an thereby, the cold air flows rapidly and to reduce a memory reference to drawing..

Figure 1 shows a general outline IPv6 (PMIPv6) proxy mobile also to explain the operation of is general outline.

Also 1 with a, mobile node (101) is PMIPv6 domain (105) in entering of in, mobile node (101) a mobile access gateway (102) (access link) access link of access link that each including mobile access gateway (102) is PMIPv6. cause the computer system to perform operation.

First, mobile node (101) after the connected to the access link RtrSol (Router Solicitation) message ((1)) to a mobile access gateway (102) and transmits the to. The, with specific transmission time point of a message RtrSol free are restrictions, mobile node (101) is later connected to access link can be is what point the.

Next, mobile access gateway (102) the of the mobile node to local mobility anchor (LMA; 103) notifies the current position of the mobile node the ontrol data for binding update (PBU; Proxy Binding Update) message ((2)) a packet suitable for an ieee802.. PBU local mobility the anchor receives a message confirming binding ontrol data response (PBA; Proxy Binding Acknowledge) message is for transmitting ((3)). The, prefix home network of the mobile node the message PAB (HNP; Home Network Prefix) .may be included. The, local mobility anchor binding cache in an entry for the mobile node (Binding Cache Entry; BCE) generates a mobile access gateway (102), bidirectional tunneling for its set a (end-point) end point side. The BCE (identifier) identifier of the mobile node, home network prefix, time stamp values and mobile nodes associated with. may be incorporated other information. On the other hand, receives a message PBA mobile access gateway (102) the, local mobility anchor (103), bidirectional tunneling for its is set between an end point side. I.e., the mobile node, bidirectional tunneling produced (101) of traffic local mobility anchor (103) forwarding it to be used for.

Next, mobile access gateway (102) the RtrAdv (Router Advertisement) message ((4)) to the mobile node (101), and transmits the. The, prefix home network of the mobile node the message RtrAdv (HNP) may be included which is, at a mobile node which receives it and its interface HNP can be set based on.

After, local mobility anchor (103) the PMIPv6 domain (105) present and out any node for the mobile node from receiving packets that are being transmitted the hierarchically anchor points and downwardly on a curved portion (anchor point) light incident from the light, received packets are setting two-way tunnel access gateway (102) are transferred in, again mobile access gateway (102) from mobile node through the access link (101) is transferred to a.

Also Figure 2 shows a fast handover proxy mobile IPv6 general outline (PMIPv6-FH) to explain the operation of is general outline.

Also refers to surface 2, mobile node (201) is number 1 mobile access gateway (202) number 2 from mobile access gateway (204) a handover alarm is exemplary.

In PMIPv6-FH, mobile node when it detects that to have undergone an impending handover is informed number 2 receives a random number mobile access gateway (204) number 1 to discern an identifier of a mobile access gateway (are currently connected mobile access gateway) is the relays installed to (not shown).

After, mobile access gateway number 1 (202) number 2 and a mobile access gateway (204) the HI (Handover Initiate) message ((2)) ((1)) and a Hack (Handover acknowledgement) message by device and exchanging said, sets the, bidirectional tunneling between each other. Setting two-way via a tunnel mobile node (201) number 1 the packets toward mobile access gateway (202) number 2 in mobile access gateway (204) is transferred to a (handover temporarily until the completion of).

Local mobility anchor (203) and a mobile access gateway number 2 (204) has a sequence such as described ((3)) and a PBA message PBU message exchange is ((4)). PBU message and PBA message exchange through the local mobility anchor (203) in binding cache is updated when, mobile node (201) packets into or mobile node (201) number 1 the packets from mobile access gateway (202) the reaction and does not, number 2 mobile access gateway (204) directly is serpentine.

Finally number 2 mobile access gateway (204) the mobile node (201) to RtrAdv (Router Advertisement) message may send a ((5)). The, prefix home network of the mobile node the message RtrAdv (HNP) may be included which is, at a mobile node which receives it and its interface HNP can be set based on.

In hereinafter, the present invention according to PMIPv6 a secure connection setup method and handover processing method to explain the several terms defining the before.

MN, MAG_A, MAG_B, LMA each mobile node, number 1 mobile access gateway (MAG_A), number 2 mobile access gateway (MAG_B) and local mobility anchor (LMA) (abbreviation) abbreviation of the/ear however, the context (in particular, in Figure 5 and 4 also) corresponding component identifier (identifier) provided that the mixture by the addition of an initiator.

PK_X and a SK_X disclosure of each X (public key) key (secret key; private key) secret key and a. mixture by the addition of an initiator. SA (X, Y) between the X and a Y. (Security Association) security association. All fields preceding has MAC (K) K for message authentication code is computed using the. mixture by the addition of an initiator (Message Authentication Code). PK_X the disclosure key PK_X a message using a means (encryption) encryption m, Sig[SK_X] preceding has secret key for all fields SK_X using an apparatus of a digital signature (digital signature)..

Furthermore, in hereinafter, T₀ means time stamp is initially, T₁ for the time stamp of the handover point..

Figure 3 shows a a network architectures, and also applied substracte the present invention according to the present invention according to embodiment (key hierarchy) is key hierarchy that describes a general outline.

Also 3 with a, mobile node relate the present invention according to embodiment (301) is number 1 mobile access gateway (302) are connected in on a concentric circle from a, number 2 again mobile access gateway (304) to being handed over is. taking into account the network.

The, mobile node (301) the AAA server (305) various provided with a wire of the present invention and a method through an setting long term symmetric key (long-term symmetric key; K_MN; 311) sharing a is located in. I.e., AAA server (305) and a mobile node (301) module is installed under the security association is predetermined is home is that it. This also be refers to 4 and in Figure 5. similar to that of the.

Long-term symmetric key (K_MN) from session key (K^*; master session key; 312) is generated. Furthermore, local mobility anchor (303) number 1 the mobile access gateway (302) and number 2 mobile access gateway (304) is connected, and manages both. Number 1 mobile access gateway (302) and a mobile access gateway number 2 (304) the same PMIPv6 domain (306) is included.

While, also 3 again a, mobile node (301) and a AAA server (305) for all of the secret keys (key hierarchy) layer the key may allow a user to access. While, mobile access gateways the mobile node or local mobility anchor share the first. access only secret key.

In the present invention, mobile node and mobile access gateway whose lists are session key (313), mobile access gateway and a local mobility anchor whose lists are session key (314) the aforementioned master session keys generated from. Master session key PMIPv6 domain session said terminal when expiration since key effective outside the, mobile node and mobile access gateway whose lists are session key and mobile access gateway and a local mobility anchor whose lists are compared to session key a master session key shorter. for an effective period of time. [...] only, these features is setting security association the present invention according to a high method for processing handover or method having security can be which causes the slower to.

In the present invention, each freshness of a signaling message to ensure one time stamp values is used in. The mobile node, mobile access gateway mobility and a local timestamp time the anchor remains of the cache. Signaling message is received, time stamp values checks the new message when the system is moved to the message authentication code (MAC; Message Authentication Code) of is carried out. For example, time stamp (T₁) when message is received is recorded, received time stamp (T₁) and a current time stamp recorded in a cache time stamp (T₀) compares a a. T₁ > T₀ the currently received only when judges whether a new message, to a message received protocol processing is performed on. If, T₁ > T₀ were not for, messages received at the all protocol interrupts the operation of an a coverage.

In hereinafter, the present constitution of the invention the main component which has an two is described in the context of. PMIPv6 initial authentication procedure first (initial authentication procedure) security in a second method which connection setup, a second method for processing hand-over in PMIPv6 relates to, authentication process in processing handover in particular the following formula 1. (handover authentication procedure).

Also the present invention according to Figure 4 shows a connection setup a secure IPv6 (PMIPv6) mobile ontrol data to explain the method is general outline

Also refers to surface 4, mobile node (401) the first domain PMIPv6 (406) when the. are exampled, of procedures.

First, mobile node (401) is initially time stamp (T₀) and a master session key (K^*) generates a. The, master session key (K^*) mobile node with the AAA server (401) between groups corresponding to already shared key (K_MN) and said initial time stamp (T₀) can be produced based on. E.g., shared key (K_MN) and a time stamp (T₀) a as inputs, the output of pseudo random function (pseudo random function) said master session key (K^*) .can be determined. I.e., K^* =prf (K_MN, T₀) can be represented by.

Next, mobile node (401) a master session key the generated (K^*) using message including message authentication code (MAC) (e.g., RtrSol (Router Solicitation) message ((1))) to a mobile access gateway (402), and transmits the. MAC refers to acknowledgements are to be authentication response (Auth_Rsp) message to the mobile access gateway is is made after receiving the.

Mobile access gateway (402) the mobile node (401) (RtrSol message) message is transmitted after receiving an, received its own secret key (SK_MAGA) performs a signature using (Sig (SK_MAGA)) authorization request message a purifier of cars (Auth_Req message ((2))) for AAA server (405), and transmits the. AAA server included in a message containing a checks that the digital signature with MAC, a message when the discards the. interrupting the progression of procedure. AAA server (405) the contained in a message confirmation result of the digital signature with MAC, problem session key if the key is inputted, (K_MN-MAGA) and a session key (K_LMA-MAGA) generates a, generated session key (K_MN-MAGA) and a session key (K_LMA-MAGA) for authenticating response message (Auth_Rsp message ((3))) in mobile access gateway (402), and transmits the.

The, session key (K_MN-MAGA) the mobile node (401) and an access gateway (402) which a session whose lists are, said master session key (K^*) and a mobile access gateway identifier of said (MAG_A) the pseudo-random based on can be produced by the function. In addition. Session key (K_LMA-MAGA) the local mobility anchor (403) and a mobile access gateway (402) which a session whose lists are, said master session key (K^*), said mobile access gateway (MAG_A) said local mobility anchor (LMA) and an identifier of the pseudo-random based identifier of the can be produced by the function. As the aforementioned, said mobile node is master session key (K*) is a session performed in the domain said PMIPv6 and at the end so that effective outside the, said session key (K_MN-MAGA) and a session key (K_LMA-MAGA) are said PMIPv6 in addition said mobile node is a session performed in the domain outside the effective effective and at the end.

These session keys (Auth_Rsp message) said authentication response message in access gateway mobile in disclosure key (PK_MAGA) included encrypted by. Authentication response message (Auth_Rsp) the local mobility of the anchor a surrounding key disclosure (PK_LMA) by an encrypted master session key (K^*) and a of the mobile node identifier (MN) in addition may be included. Furthermore, authentication response message (Auth_Rsp) the AAA server (405) its secret key (SK_AAA) performs a signature using (Sig (SK_AAA)) is additional.

Mobile access gateway (402) authentication response message upon receiving a (Auth_Rsp), authentication responses received session key is included in a message to (K_MN-MAGA) and a session key (K_LMA-MAGA) using future mobile node (401) and local mobility anchor (403) is to encrypt messages signaling with.

Next, mobile access gateway (402) the session key (K_LMA-MAGA) a is computed using the MAC for PBU message ((4)) of the lower side from the anchor through the local mobility, local mobility anchor from through PBA message ((5)) may receive a response. Next, mobile access gateway (402) the session key (K_MN-MAGA) for MAC using the calculated perspectives and a mobile node through RtrAdv message ((6)) (401) be capable to deliver the reactant to.

Here, PBU message, PBA message, also prior the initiator, a role that each message RtrAdv 1 and 2 through the. same as.

Also the present invention according to Figure 5 shows a proxy mobile IPv6 (PMIPv6) handover processing method is to explain the general outline.

Also refers to surface 5, mobile node (501) mobile access gateway the number 1 (502) of number 2 in access link mobile access gateway (504) of. is being handed over, and connected in access link.

First, mobile node (501) has made its own number 1 mobile access gateway (502) from mobile access gateway number 2 (504) is handover procedure to surface noticing that impending, the informed number 2 mobile access gateway (504) identifier of (MAG_B) and a time stamp (T₁) Start_Auth message including number 1 ((1)) are currently connected a mobile access gateway (502), and transmits the.

Therefore, mobile access gateway number 1 (501) the mobile node (501) is number 1 mobile access gateway (502) from mobile access gateway number 2 (504) to handover soon will be. it detects that.

The, number 1 mobile access gateway (501) mobile access gateway identifier of the number 2 (MAG_B) and a time stamp (T₁) includes an authentication request (Auth_Req) message ((2)) a local mobility anchor (503) of the lower side from the, local mobility anchor (503) from mobile node (501) and a mobile access gateway number 2 (504) is shared among a the session key (K_MN-MAGB) and local mobility anchor (503) number 2 and a mobile access gateway (504) is shared among a the session key (K_LMA-MAGB) includes authentication responses (Auth_Rsp) message ((3)): this recorder receives. Said session key (K_MN-MAGB) and a session key (K_LMA-MAGB) the number 2 mobile access gateway (504) its secret key (PK_MAGB) the authentication response is encrypted with (Auth_Rsp) may be included, authentication request (Auth_Req) message for the mobile number 2 key in access gateway (PK_MAGB) can be included in.

The, said local mobility anchor (LMA) mobile access gateway and said number 2 the number 1 mobile access gateway both can be component of which managing, mobile access gateway mobile access gateway and number 1 number 2 the same PMIPV6. to the terminal, referring to a in the domain.

On the other hand, said session key (K_MN-MAGB) and a session key (K_LMA-MAGB) through 4 also a sequence has the inventive security association setting method much like an session keys in, said mobile node and AAA server (been omitted the in Figure 5) is shared by a symmetric key (symmetric key) K_MN masterbatches prepared from session key (K^*) can be produced based on. Here, master session key (K^*) the mobile node (501) is number 1 mobile access gateway (502) to changed the initial access is enabled already generated (also through the inventive initial authentication procedure 4).

The aforementioned as, master session key (K^*) said PMIPv6 in the domain the mobile node is performing a session and at the end so that effective outside the, said session key (K_MN-MAGB) and a session key (K_LMA-MAGB) in addition master session key is valid only in a period of time can be effective. Said session key (K_MN-MAGB) the master session key (K*) and a mobile access gateway identifier of said number 2 (MAG_B) based on the pseudo-random by the function can be generated, said session key (K_LMA-MAGB) the master session key (K*) and said local mobility anchor and mobile access gateway identifier of number 2 (LMA, MAG_B) the pseudo-random based on patterns can be produced by the function..

Next, mobile access gateway number 1 (501) ((4)) the HI message number 2 through the mobile access gateway authentication response message prior to the received session key (K_MN-MAGB) and a session key (K_LMA-MAGB) for delivery of, Hack message number 2 mobile access gateway from: this recorder receives the responses with ((5)). The, session key (K_MN-MAGB) and a session key (K_LMA-MAGB) mobile access gateway its secret key the number 2 (PK_MAGB) is encrypted with the HI message may be included in ((4)).

Next, mobile access gateway number 2 (504) the PBU message ((7)) ((6)) and a PBA message through the local mobility anchor (503) and a session key (K_LMA-MAGB) performs verification on can be.

Next, mobile access gateway number 2 (504) the RtrAdv message ((8)) through the mobile node (501) to session key (K_MN-MAGB) using the calculated perspectives and a can communicate to a MAC.

Here, PBU message, PBA message, also prior the initiator, a role that each message RtrAdv 1 and 2 through the. same as.

At least one fatty acid, as longitude, the present invention according to security association setting method and, for processing handover method then, the result of calculation pick current density is.

First, in the present invention according to security association setting method mobile access gateway and a local mobility anchor as well as security association between, mobile access mobile node and is connection is set up between the security between the. Therefore, these application signaling messages are shared keys by. or the.

Secondly, in method for processing handover the present invention according to key authentication server AAA process initial access procedure (also 4 through security is described where connection setup method) by which is only performed turn 1, handover system controls an local mobility anchor local key distribution center (local key distribution center) parking equipment is provided to to take on the role of an, AAA server key authentication procedure is performed is allows avoiding the need. Therefore, handover of low efficiency in the course without delay. performance of a rapid handover from one.

Third, the present invention according to the method for processing handover and method setting security association a mobile node is session key is carried out in corresponding PMIPv6 domain the session and at the end outside the effective. Furthermore, whenever handover is generated is publication newly session key. The, session key from inadvertent exposure of the existing method method, even when the publication a plurality of valves is security of the components on the two. relatively low.

Thereby, the cold air flows to standardize the reference to a preferred embodiment of the present invention not described but, corresponding art patent the following is claimed is a classic mirror server one skilled in the art of the present invention is a concept and region within such a range that causes no away from the present invention various modified and change can be 2000 database for each consumer.