64 Chapter 3: Mobile IP Security
timestamp and the current time is greater than the allowed interval, it rejects the registration
with an error code of 133, registration id mismatch. The Home Agent also updates the higher
32 bits with the current timestamp in the RRP. Upon receipt of the RRP, the Mobile Node
matches the sent RRQ message to the received reply by comparing the lower 32 bits and then
updating its time by computing an offset. The offset is the difference between the Mobile
Node’s time and the Home Agent’s time, plus the estimated latency of the link. The latency is
estimated by halving the time difference from when the RRQ was sent and when the reply was
received. The Mobile Node then attempts to reregister with this updated timestamp.
Nonces Replay Protection
Nonces are a concept where the identification field is split into two 32-bit values; the low-order
values are allocated by the Mobile Node and the high-order values are allocated by the Home
Agent. For every RRQ, the Mobile Node generates a new lower-order value. The Home Agent
copies that value into the lower-order portion of the identification field in the reply and
generates a new random value for the high-order portion. The values generated by the Home
Agent are then saved and used as the high-order portion of the identification field in the next
RRQ sent by the Mobile Node. Because the Home Agent always knows what the next high-
order portion of the identification field is supposed to be and the Mobile Node changes the
lower-order portion, it can easily determine whether a message is being replayed.
Mobile Node and Foreign Agent Authentication and Challenge
Mechanism
The Mobile Node-FA Authentication Extension is intended to provide authenticated
communication between the Mobile Node and FA. However, it suffers from several deployment
problems that have kept it from widespread adoption. Use of the original Mobile Node-FA
Authentication Extension would require every Mobile Node to have a key for every FA it
visited, and every FA to have a key for every potential Mobile Node. Clearly, key management
and distribution on such a scale is simply not practical. Moreover, the MFAE also does not
provide replay protection because the timestamp and nonces methods are between the Home
Agent and Mobile Node only. (Refer to the section “Replay Protection Methods,” earlier in this
chapter.)
In most deployment cases, this was not an issue because Mobile Node-FA authentication was
not needed. However, when Mobile IP was adopted as part of the CDMA 2000 standard,
authentication at the FA was deemed necessary precisely for replay concerns, but it could not
be easily achieved using the Mobile Node-FA Authentication Extension. Again, one of the
major problems was key distribution. Not only was it not part of the standard, but with
intercarrier roaming, it was also not desirable to send actual key values to roaming partners.
Get Mobile IP Technology and Applications now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
