MIPSHOP Working Group A. Yegin Internet-Draft Samsung Expires: October 2, 2007 K. Chowdhury Starent Networks March 31, 2007 FMIPv6 Security Association draft-yegin-fmip-sa-00 Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on October 2, 2007. Copyright Notice Copyright (C) The IETF Trust (2007). Abstract This document describes a mechanism to dynamically generate a security association between the mobile node and the FMIPv6 access router to secure the FMIPv6 protocol messages. The mechanism relies on generating a local security association based on the network access authentication. Yegin & Chowdhury Expires October 2, 2007 [Page 1] Internet-Draft FMIPv6 Security Association March 2007 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. FMIPv6 Security Association . . . . . . . . . . . . . . . . . 4 2.1 Key Derivation . . . . . . . . . . . . . . . . . . . . . . 4 2.2 Key Distribution . . . . . . . . . . . . . . . . . . . . . 4 3. Using the SA . . . . . . . . . . . . . . . . . . . . . . . . . 5 4. Support for non-EAP-based Architectures . . . . . . . . . . . 6 5. Security Considerations . . . . . . . . . . . . . . . . . . . 7 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 7. Normative References . . . . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 8 Intellectual Property and Copyright Statements . . . . . . . . 9 Yegin & Chowdhury Expires October 2, 2007 [Page 2] Internet-Draft FMIPv6 Security Association March 2007 1. Introduction The current Fast Handovers for Mobile IPv6 (FMIPv6) protocol [RFC4068] lacks a mechanism to secure the signaling between the mobile node (MN) and the access router (AR). At the core of this problem is the absence of a security association (SA) between the two nodes. When the SA is present, it can be used with Binding Authorization Data for FMIPv6 (BADF) option to provide authentication and integrity protection for the protocol messages. EAP [RFC3748] is used in various mobile and wireless network architectures (e.g., WiFi, WiMAX, cdma2K). One important feature of EAP is its ability to dynamically generate a secret key shared by the EAP peer running on the MN and the authenticator running on the network access server (NAS). This shared secret key (MSK -- master session key [RFC3748]) can be utilized to derive another secret key (FMIP-key) to be shared by the MN and the AR in the access network. This document describes how FMIP-key can be derived and used to secure FMIPv6 protocol messages. Yegin & Chowdhury Expires October 2, 2007 [Page 3] Internet-Draft FMIPv6 Security Association March 2007 2. FMIPv6 Security Association FMIPv6 security association (FMIP-SA) includes four parameters: The peer identifier (FMIP-PID), the shared secret key (FMIP-key), the SPI (FMIP-SPI), and the SA lifetime (FMIP-lifetime). FMIP-PID of the MN is the Identity used during the EAP authentication. FMIP-PID of the AR is the IP address of the AR. FMIP-key is generated according to the following subsections. FMIP-SPI value MUST be set to 1 upon initial EAP authentication with the authenticator, increased by 1 for each subsequent EAP re- authentication with the same authenticator, and set back to 1 after wrapping around. FMIP-lifetime is set to the lifetime of the MSK. 2.1 Key Derivation The following formula is used to generate FMIP-key. FMIP-key = HMAC-SHA1(MSK, "FMIPv6 key derivation" | MN-ID | AR- IPaddr) MSK is the secret key generated by the EAP method execution and shared by the MN and the NAS [RFC3748]. MN-ID is the Indetity presented by the MN during the EAP authentication. AR-IPaddr is the IP address of the AR used for FMIPv6 protocol messaging. 2.2 Key Distribution Since the EAP peer and FMIPv6 mobile node implementations reside on the same MN, derivation and delivery of the FMIP-SA is internal to that node. There is no additional protocol needed to carry the SA parameters. In typical architectures and deployments, the AR and the NAS are co- located. In case they are not, there needs to be a protocol to carry the SA parameters from the NAS to the AR. The choice and details of that protocol are architecture-specific and therefore outside the scope of this document. Yegin & Chowdhury Expires October 2, 2007 [Page 4] Internet-Draft FMIPv6 Security Association March 2007 3. Using the SA The dynamically generated SA can be directly used with Binding Authorization Data for FMIPv6 (BADF) option. Yegin & Chowdhury Expires October 2, 2007 [Page 5] Internet-Draft FMIPv6 Security Association March 2007 4. Support for non-EAP-based Architectures The same mechanism can be used with any architecture as long as there is an equivalent of MSK shared between the MN and the NAS. Since such a key would be architecture specific, it is hard to define it in a generic but interoperable way in this document.[TBD: Give an example from 3GPP.] Yegin & Chowdhury Expires October 2, 2007 [Page 6] Internet-Draft FMIPv6 Security Association March 2007 5. Security Considerations TBD. Yegin & Chowdhury Expires October 2, 2007 [Page 7] Internet-Draft FMIPv6 Security Association March 2007 6. IANA Considerations This document has no actions for IANA. 7. Normative References [RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H. Levkowetz, "Extensible Authentication Protocol (EAP)", RFC 3748, June 2004. [RFC4068] Koodli, R., "Fast Handovers for Mobile IPv6", RFC 4068, July 2005. Authors' Addresses Alper E. Yegin Samsung Phone: Email: alper01.yegin@partner.samsung.com Kuntal Chowdhury Starent Networks Phone: Email: kchowdhury@starentnetworks.com Yegin & Chowdhury Expires October 2, 2007 [Page 8] Internet-Draft FMIPv6 Security Association March 2007 Full Copyright Statement Copyright (C) The IETF Trust (2007). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Yegin & Chowdhury Expires October 2, 2007 [Page 9]