Research On Binding Update Message Authentication Mechanism Based On Home Agent

With the expansion of the scale of computer network and the rapid developmentof communication technology, IPv6protocol is getting more and more attention.IPv6has a large address space, solving the problem of the lack of IP address and improvingthe network throughput, supporting security and mobility much more convenient andmuch better. Mobile IPv6provides mobility support, and the binding updateregistration mechanism is the key to the realization of mobile IPv6technology. Therouting optimization mechanism in the binding update registration can effectivelyavoid " triangle route " problem, realize the routing optimization, reduce the systemoverhead and redundancy, enhance the system robustness.However, the mechanismhas some security risks.Mobile IPv6may suffer from common security threats likereplay attack, man-in-the-middle attack and denial of service attack.This paper is about the binding update registration authentication betweenMobile Nodes and Correspondent Nodes.Currently,There are two ways to protect thebinding update registration authentication. The first way is using an authenticationmechanism which involves the third party, while the second one don’t involve thethird party. Since the authentication mechanism without third party is more flexibleand convenient, it has become the research focus direction.The author adopts the second way to study binding update registrationauthentication mechanism between MN and CN. Firstly, the author presents thebackground and research status quo of Mobile IPv6, and anylises the security risks inMobile IPv6.Then based on the discussion of existing binding update authenticationmechanism, this paper proposes a binding update authentication mechanism based onthe home agent. This mechanism uses HA to verify the identity of MN and it also canverify the identity of CN on the premise that the binding update between mobile nodeand home agent has completed. The proposed mechanism repeatedly uses symmetricencryption to assure the security of the binding update process and to enhance theefficiency. The analysis of the security reveals that this mechanism can resist thecommon attacks. The simulation results show that the performance of the proposedscheme in terms of time has some advantages and lower packet loss rate.