Mobile IPv6 Location Privacy Solutions draft-irtf-mobopts-location-privacy-solutions-01.txt

1
Mobile IPv6 Location Privacy Solutions
draft-irtf-mobopts-location-privacy-solutions-01.t
xt

• Ying Qiu, Fan Zhao, Rajeev Koodli

2
Outline

• Analysis of Location Privacy in MIP6
• Hiding Mobile Node's Location Movement
  Information
• Pseudo Home Address
• Hiding HoA in Home Binding Update procedure
• Hiding HoA in RR procedure
• Traffic Packets between MN and CN in RO mode
• Hiding CoA via Reverse Tunneling Mode
• Location Privacy with Unmodified RR Signaling
• Route-Optimized Binding Update to CN
• Reverse-tunneled Binding Update to CN

3
Analysis of Location Privacy in MIP6

• Current MIP6 specification doesnt consider
  location privacy
• Both CoA and HoA are visible to onlookers in the
  following messages
• Home Binding Update and Acknowledgement
• Correspondent Binding Update and Acknowledgement
• Prefix Discovery
• Data packets between MN and CN in the RO mode
• HoA is visible in the HoTI/HoT message on the
  HA-CN path.
• In RO mode, CoA cant be hidden from CN.
• In RT mode, CoA can be hidden from CN and
  onlooker.

4
Hiding Mobile Node's Location Movement
Information (1)

• Pseudo Home Address
• Not to reveal the real Home Address
• Use some other field to substitute the real HoA
• The field must be communicated securely
• The field itself must not become a target of
  profiling
• The field is recovered from the real HoA by the
  HA and CN
• Pseudo_HoA HMAC_SHA1(Kph, Previous Pseudo_HoA))
• where, Kph is the symmetric key between MN and HA

5
Hiding Mobile Node's Location Movement
Information (2)

• Hiding HoA in Home Binding Update Procedure(i)
• BU message
• IPv6 header
• source CoA
• destination HA
• Destination option header
• Home Address option (Pseudo_HoA)
• ESP header in transport mode
• Mobility header
• Home Binding Update
• Alternative CoA option (CoA)

6
Hiding Mobile Node's Location Movement
Information (3)

• Hiding HoA in Home Binding Update Procedure (ii)
• BA message
• IPv6 header
• source HA
• destination CoA
• Destination option header
• Home Address option (Pseudo_HoA)
• ESP header in transport mode
• Mobility header
• Home Binding Acknowledgement

7
Hiding Mobile Node's Location Movement
Information (4)

• Hiding HoA in RO mode (i)
• HoTI in MN-HA path
• IPv6 header
• source CoA
• destination HA
• ESP header in tunneling mode
• IPv6 header
• source HoA
• destination CN
• Mobility header
• HoTI
• HoTI in HA-CN path
• IPv6 header
• source HA
• destination CN
• Destination option
• Pseudo_HoA
• Mobility header

8
Hiding Mobile Node's Location Movement
Information (4)

• Hiding HoA in RO mode (ii)
• HoT in CN-HA path
• IPv6 header
• source CN
• destination HA
• Destination option
• Pseudo_HoA
• Mobility header
• HoT
• HoT in HA-MN path
• IPv6 header
• source HA
• destination CoA
• ESP header in tunneling mode
• IPv6 header
• source CN
• destination HoA
• Mobility header

9
Hiding Mobile Node's Location Movement
Information (5)

• Hiding HoA in RO mode (iii)
• Correspondent Binding Update
• CoTI/CoT no change
• BU message
• IPv6 header
• source CoA
• destination CN
• Destination option
• E(Kbm, Pseudo_HoA) a) hide the relationship
  between CoA and Pseudo_HoA
• b) recoverable by CN
• Mobility header
• BU(Pseudo_HoA, home nonce index, ...)
• where
• Kbm SHA1 (home keygen token care-of keygen
  token) no change
• home keygen token First (64, HMAC_SHA1(Kcn,
  (Pseudo_HoA nonce 0)))
• care-of keygen token First (64, HMAC_SHA1(Kcn,
  (CoA nonce 1))) no change

10
Hiding Mobile Node's Location Movement
Information (6)

• Hiding HoA in RO mode (iv)
• Traffic Packets between MN and CN
• Packets from MN to CN
• IPv6 header
• source CoA
• destination CN
• Destination option
• Pseudo_HoA
• Payload
• Packets from CN to MN
• IPv6 header
• source CN
• destination CoA
• Routing Header
• Pseudo_HoA
• Payload

11
Hiding Mobile Node's Location Movement
Information (7)

• Hiding CoA via Reverse Tunneling Mode
• To hide its CoA from the CN and its HoA from an
  onlooker, the data packets between MN and CN
  traffic through HA in reverse tunneling mode.
  (modified according to Vijay comments)

In path MN-HA IPv6 header source CoA
destination HA ESP header in tunnel mode
IPv6 header source HoA
destination CN Payload In path HA-CN
IPv6 header source HoA destination
CN Payload
In path CN-HA IPv6 header source
CN destination HoA Payload In path
HA-MN IPv6 header source HA
destination CoA ESP header in tunnel mode
IPv6 header source CN
destination HoA Payload
12
Hiding Mobile Node's Location Movement
Information (8)

• The increment of Sequence Numbers
• seq_increment First(8, HMAC_SHA1(Kbm, home
  nonce index care nonce index))
• Seq previous Seq seq_increment.
• If seq_increment 0, then
• seq_increment 1.
• If new Seq gt 216-1,
• new Seq 216-1.

13
Location Privacy with Unmodified RR Signaling (1)

• Brief Idea
• both CN and MN derive a shared privacy management
  key, Kpm, from the keygen tokens achieved in the
  home address and care-of address test procedures
  
• afterwards, MN uses Kpm to hide its home address
  in the Binding Update to CN
• finally CN authenticates the received Binding
  Update and restores the MN'S home address
  therein.

14
Location Privacy with Unmodified RR Signaling (2)

• Route-Optimized Binding Update to CN (1)
• make the home address invisible to onlookers by
  replacing the real HoA with a Pseudo HoA
• CN generates after getting HoTI
• Privacy_Keygen_Token
• First (64, Kcn(HoA set to all zeros nonce
  0))
• MN computes after getting HoT
• Kpm SHA1 (Privacy_Keygen_Token care-of keygen
  token)
• and
• Pseudo_Home_Address String XOR HoA
• where,
• String First (128, HMAC_SHA1 (Kpm,
• (CoA Home Nonce Index Care-of Nonce
  Index)))

15
Location Privacy with Unmodified RR Signaling (3)

• Route-Optimized Binding Update to CN (2)
• CN compute Kpm when receives a BU with
  Pseudo_HoA.
• The computation is similar to how it would
  compute Kbm, except that the Privacy Keygen Token
  is computed with HoA set to all zeros.
• CN computes the String and recovers the HoA with
  Kpm.
• CN compute the home keygen token, the Kbm, and
  verify the MAC for the Binding Update.
• If Binding Update processing is successful, the
  Pseudo Home Address is considered valid.
• CN then stores the nonce indices, and the Kbm
  itself.
• CN sends a normal Binding Acknowledgment to the
  MN.
• The String is computed once by both the MN and
  the CN, and hence the Pseudo Home Address as
  computed above remains constant, until one of the
  address cookies expires or the MN undergoes a
  handover.

16
Location Privacy with Unmodified RR Signaling (4)

• Reverse-tunneled Binding Update to CN
• MN may send the BU not directly to CN, but via HA
• IPv6 header
• source CoA
• destination HA
• ESP header in tunneling mode
• IPv6 header
• source HoA
• destination CN
• Mobility header
• BU
• Alternate Care-of Address option (care-of
  address)
• CN, after getting the BU, computes the Kbm first.
• verifies the MAC for the Binding Update
• recovers the HoA from the Pseudo HoA, then
  verifies if it is actually the HoA present in the
  source IP address.

17
Q A

• Thank You