DOI: 10.1145/3127540.3127571
short-paper

Hardening Opportunistic HIP

Published: 21 November 2017

Abstract

As mobile and multi-homed devices become ubiquitous, the need for a dynamic yet secure communication protocol is unavoidable. The Host Identity Protocol (HIP) was constructed to meet this requirement by providing significantly more secure mobility and multi-homing capabilities. HIP opportunistic mode, which is to be used when other, more trusted mechanisms are lacking, is based on a leap-of-faith (LoF) paradigm. In this paper, we analyze different man-in-the-middle (MiTM) attacks that might occur under this LoF, and propose a set of tweaks for hardening opportunistic HIP (HOH) that strengthen opportunistic mode's security.

Cited By

  • (2021) IoT and HIP's Opportunistic Mode. IEEE Transactions on Mobile Computing 20:4 (1434-1448). DOI: 10.1109/TMC.2020.2967044. Online publication date: 1-Apr-2021
  • (2019) An Optimized Load Balance Solution for Multi-homed Host in Heterogeneous Wireless Networks. Sensors 19:12 (2773). DOI: 10.3390/s19122773. Online publication date: 20-Jun-2019

Published In

MSWiM '17: Proceedings of the 20th ACM International Conference on Modelling, Analysis and Simulation of Wireless and Mobile Systems
November 2017
340 pages
ISBN:9781450351621
DOI:10.1145/3127540
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. hip
  2. leap-of-faith
  3. mobility
  4. multihoming
  5. security

Qualifiers

  • Short-paper

Conference

MSWiM '17

Acceptance Rates

MSWiM '17 Paper Acceptance Rate 29 of 142 submissions, 20%;
Overall Acceptance Rate 398 of 1,577 submissions, 25%

Bibliometrics

Article Metrics

  • Downloads (Last 12 months): 2
  • Downloads (Last 6 weeks): 0
Reflects downloads up to 27 Jan 2025
