Security Considerations for Mobile IP
In many situations, mobile computers use wireless links to connect to the network. Wireless links are particularly vulnerable to passive eavesdropping, active replay attacks, and other active attacks.
Because Mobile IP cannot reduce or eliminate this vulnerability of the link itself, it uses a form of authentication to protect Mobile IP registration messages from these types of attack. The default algorithm is MD5 with a key size of 128 bits. The default operational mode requires that this 128-bit key precede and succeed the data to be hashed. The foreign agent uses MD5 to support authentication, with key sizes of 128 bits or greater and manual key distribution. Mobile IP can support additional authentication algorithms, algorithm modes, key distribution methods, and key sizes.
These methods prevent Mobile IP registration messages from being altered. In addition, Mobile IP uses a form of replay protection to alert Mobile IP entities when they receive duplicates of previous Mobile IP registration messages. Without this protection, the mobile node and its home agent could become unsynchronized: either of them might receive a replayed registration message and update its Mobile IP state as though the message were new. For example, a home agent might receive a duplicate deregistration message while the mobile node is still registered through a foreign agent.
Replay protection is ensured either by a method known as nonces or by timestamps. Nonces and timestamps are exchanged by home agents and mobile nodes within the Mobile IP registration messages, and they are protected from change by the authentication mechanism. Consequently, if a home agent or mobile node receives a duplicate message, the duplicate can be discarded.
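The two mechanisms described above, the keyed-MD5 authentication extension in the "key precedes and follows the data" mode and timestamp-based replay protection on the Identification field, as an added example that is not part of this guide or of the Solaris Mobile IP implementation. It assumes a constructed 128-bit key, SPI and addresses, follows the Registration Request layout of RFC 2002/3344, and uses the prefix+suffix MD5 mode the text describes (the RFC 2002 default; RFC 3344 later made HMAC-MD5 the default, which a deployment should prefer).

```python
import hashlib
import hmac
import struct

# Constructed for this example (not from the page): a manually distributed 128-bit key
# and the Security Parameter Index shared by the mobile node and its home agent.
KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
SPI = 0x100
MHAE_TYPE = 32                    # Mobile-Home Authentication Extension type
MHAE_HDR = struct.Struct("!BBI")  # extension type, length, SPI

def registration_request(lifetime, home, home_agent, care_of, identification):
    """Fixed part of a Registration Request (type 1), before any extensions."""
    return struct.pack("!BBH4s4s4sQ", 1, 0, lifetime, home, home_agent, care_of, identification)

def prefix_suffix_md5(key, data):
    """The default mode the text describes: the 128-bit key precedes and follows the data."""
    return hashlib.md5(key + data + key).digest()

def append_mhae(message, key, spi):
    """Authenticator covers the message plus the extension's own type, length and SPI."""
    header = MHAE_HDR.pack(MHAE_TYPE, 4 + 16, spi)
    return message + header + prefix_suffix_md5(key, message + header)

def verify_mhae(packet, key, spi):
    """Recompute the authenticator over the received bytes; constant-time compare."""
    body, ext = packet[:-22], packet[-22:]
    etype, elen, espi = MHAE_HDR.unpack(ext[:6])
    if etype != MHAE_TYPE or elen != 20 or espi != spi:
        return False
    return hmac.compare_digest(prefix_suffix_md5(key, body + ext[:6]), ext[6:])

def replay_ok(last_seen, home, identification, now, window=7):
    """Timestamp replay protection: the Identification field must lie within `window`
    seconds of the home agent's clock and exceed the last value accepted for that node."""
    if abs(now - (identification >> 32)) > window or identification <= last_seen.get(home, -1):
        return False                          # clock skew or a replayed duplicate
    last_seen[home] = identification          # high 32 bits of the field carry whole seconds
    return True

def demo():
    """Accept a fresh request, then reject its replay and a tampered copy."""
    home, ha, coa = bytes([10, 0, 0, 5]), bytes([10, 0, 0, 1]), bytes([192, 0, 2, 7])
    ident = (1000 << 32) | 42                 # constructed NTP-style timestamp
    packet = append_mhae(registration_request(300, home, ha, coa, ident), KEY, SPI)
    seen = {}
    fresh = verify_mhae(packet, KEY, SPI) and replay_ok(seen, home, ident, now=1002)
    replay = verify_mhae(packet, KEY, SPI) and replay_ok(seen, home, ident, now=1003)
    tampered = packet[:2] + b"\xff\xff" + packet[4:]   # lifetime altered in flight
    return fresh, replay, verify_mhae(tampered, KEY, SPI)
```

Because the Identification field is covered by the authenticator, a replayer cannot refresh the timestamp without the key, which is why the home agent can safely discard the duplicate.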
The use of tunnels can be a significant vulnerability, especially if registration is not authenticated. Also, the Address Resolution Protocol (ARP) is not authenticated, and can potentially be used to steal another host's traffic.
Use of IPsec With Mobile IP
In general, because home agents and foreign agents are fixed entities, they can use IPsec authentication or encryption to protect both Mobile IP registration messages and forward and reverse tunnel traffic. This process works completely independently of Mobile IP and depends only on the workstation's ability to perform IPsec functions. Mobile nodes can also use IPsec authentication to protect their registration traffic. If the mobile node registers through a foreign agent, however, the mobile node generally cannot use IPsec encryption, because the foreign agent must be able to inspect the information in the registration packet. IPsec encryption could be used when a foreign agent is not needed, but the issue of colocation makes this difficult to achieve: IPsec is an IP-level security relationship, so a home agent would have to know the mobile node's colocated address without prior information or registration messages.
For more information about IPsec, see Chapter 19, IP Security Architecture (Overview) or Chapter 20, Configuring IPsec (Tasks).