Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Ilsun YOU, Kouichi SAKURAI, Yoshiaki HORI, "A Security Analysis on Kempf-Koodli's Security Scheme for Fast Mobile IPv6" in IEICE TRANSACTIONS on Communications,
vol. E92-B, no. 6, pp. 2287-2290, June 2009, doi: 10.1587/transcom.E92.B.2287.
Abstract: Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.
URL: https://global.ieice.org/en_transactions/communications/10.1587/transcom.E92.B.2287/_p
Copy
@ARTICLE{e92-b_6_2287,
author={Ilsun YOU, Kouichi SAKURAI, Yoshiaki HORI, },
journal={IEICE TRANSACTIONS on Communications},
title={A Security Analysis on Kempf-Koodli's Security Scheme for Fast Mobile IPv6},
year={2009},
volume={E92-B},
number={6},
pages={2287-2290},
abstract={Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.},
keywords={},
doi={10.1587/transcom.E92.B.2287},
ISSN={1745-1345},
month={June},}
Copy
TY - JOUR
TI - A Security Analysis on Kempf-Koodli's Security Scheme for Fast Mobile IPv6
T2 - IEICE TRANSACTIONS on Communications
SP - 2287
EP - 2290
AU - Ilsun YOU
AU - Kouichi SAKURAI
AU - Yoshiaki HORI
PY - 2009
DO - 10.1587/transcom.E92.B.2287
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E92-B
IS - 6
JA - IEICE TRANSACTIONS on Communications
Y1 - June 2009
AB - Recently, the security scheme, proposed by Kempf and Koodli, has been adopted as a security standard for Fast handover for Mobile IPv6. But, it does not prevent denial of service attacks while resulting in high computation cost. More importantly, we find that it is still vulnerable to redirection attacks because it fails to secure the Unsolicited Neighbor Advertisement messages. In this paper, Kempf-Koodli's scheme is formally analyzed through BAN-logic and its weaknesses are demonstrated.
ER -