Network Working Group                                             P. Kim
Internet-Draft                               Korea Polytechnic University
Expires: August 27, 2007                                February 23, 2007

      Authorizing Binding Mechanism to Reduce Binding Latency during
                     Mobile IPv6 Handover Procedure
                    draft-pskim-fho-authbinding-00.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on August 23, 2007.

Copyright Notice

   Copyright (C) The Internet Society (2007).

Abstract

   In Mobile IPv6 based IEEE 802.16e wireless networks, to reduce the
   authorizing binding latency, the return routability procedure and the
   binding update and acknowledgement procedure are newly defined with
   parameters specified by information on the candidate networks to
   which the mobile node may newly attach, and the cryptographic
   functions for authentication and encryption are also newly defined.
   The care-of address configuration and the authorizing binding are
   performed before the actual handover for the candidate networks to
   which the mobile node may newly attach. Therefore, the proposed
   mechanism provides fast authorizing binding, which reduces the
   binding latency between the two nodes and thus reduces the throughput
   degradation caused by bidirectional tunneling.

Kim     Authorizing Binding Mechanism to Reduce Binding Latency  [Page 1]
Internet-Draft          Authorizing Binding Mechanism      February 2007

Table of Contents

   1.  Introduction
   2.  Requirements
   3.  Network Configuration
   4.  New Authorizing Binding Mechanism
       4.1  Tradeoff between Security and QoS in Mobile IPv6 Handover
            Procedure
       4.2  New Return Routability Procedure
       4.3  New Binding Update and Acknowledgement Procedure
   5.  Operation Procedure of Proposed Mechanism
   6.  References
       Authors' Addresses
       Intellectual Property and Copyright Statements

1. Introduction

   Recently, the IEEE approved the 802.16e standards effort with the
   avowed intent of increasing the use of broadband wireless access
   (BWA) by taking advantage of the inherent mobility of wireless media
   [1]. In the future, Mobile IPv6 [2] can be the L3 handover solution
   for IEEE 802.16e wireless networks. Therefore, the need to
   communicate efficiently on the move and to minimize the packet loss
   caused by a handover is becoming increasingly important, because
   handover latency is unacceptable for real-time IP services.

   The L3 handover latency in Mobile IPv6 is caused mainly by the
   movement detection latency, the care-of address (CoA) configuration
   latency and the authorizing binding latency, as shown in Figure 1.
   These latencies are inevitable in Mobile IPv6 because of its basic
   operations, but the combined latency can be appreciable for real-time
   applications and throughput-sensitive applications.

   Until now, there have been some efforts to reduce handover latency in
   Mobile IPv6 based IEEE 802.16e wireless networks, especially in the
   movement detection phase and in the new CoA configuration phase
   [3][4]. Although packet loss between the mobile node (MN) and the
   correspondent node (CN) can be minimized during a handover procedure
   using the existing fast handover mechanisms [3][4], the bidirectional
   tunneling via the home agent cannot be avoided before the binding
   procedure is completed between the two nodes. As shown in [2], the
   bidirectional tunneling via the home agent may not allow the shortest
   communications path to be used, which can cause end-to-end delay
   between the two nodes. In addition, this can also cause congestion
   at the home agent and home link. Moreover, the impact of any possible
   failure of the home agent, or of networks on the path to or from it,
   increases. Therefore, even if no packet loss occurs, the two nodes
   suffer from significant throughput degradation caused by the
   bidirectional tunneling.

   In order to solve the mentioned problem, the authorizing binding
   mechanism between the MN and the CN should be completed in as short a
   time as possible. That is, the binding latency should be minimized
   during the handover procedure. However, as shown in [2], the return
   routability procedure and the binding update/ack procedure for the
   authorizing binding mechanism are somewhat time-consuming and
   computationally burdensome, since the cryptographic functions for
   authentication and encryption require considerable computation and
   CPU processing time. This is serious when the MN is an embedded
   mobile platform whose processing capability, power and resources are
   limited. Therefore, the computation of cryptographic functions
   contributes to the binding latency between the two nodes during the
   handover procedure.

   In this draft, a new authorizing binding mechanism is proposed to
   reduce the binding latency between the MN and the CN during the
   Mobile IPv6 handover procedure. To reduce the authorizing binding
   latency, the return routability procedure and the binding update and
   acknowledgement procedure are newly defined with parameters specified
   by information on the candidate networks to which the mobile node may
   newly attach, and the cryptographic functions for authentication and
   encryption are also newly defined. The care-of address configuration
   and the authorizing binding are performed before the actual handover
   for the candidate networks to which the mobile node may newly attach.
   Therefore, the proposed mechanism provides fast authorizing binding,
   which reduces the binding latency between the two nodes and thus
   reduces the throughput degradation caused by bidirectional tunneling.

   L2 HO Complete   Movement Detection    CoA Config     L3 HO Complete
   x------------------x------------------x------------------x
   |                  |                  |                  |
   |Movement Detection|CoA Configuration | Binding Latency  |
   |     Latency      |     Latency      | between MN & CN  |
   |<---------------->|<---------------->|<---------------->|
   |                  |                  |                  |
   |<------------------------------------------------------>|
                   Mobile IPv6 Handover Latency

                Figure 1. Mobile IPv6 Handover Latency

2. Requirements

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3. Network Configuration

   As shown in Figure 2, this document considers a Mobile IPv6 based
   IEEE 802.16e wireless network which consists of only several access
   routers (ARs), each connected to several base stations (BSs). This
   network configuration is feasible because several ARs in an IEEE
   802.16e wireless network can cover quite a wide area in which the MN
   can move. Moreover, it is assumed that all ARs share information on
   the candidate networks to which the MN may newly attach. This
   information includes the network prefixes and network identifiers
   (NIDs) of the candidate networks, as shown in Table 1.

   The MN can acquire this information on candidate networks from a
   specific message exchange. For example, when the MN is booting, it
   sends a router information request message to the all-routers
   multicast address on the current subnet in order to acquire network
   information on all ARs. In response to the router information request
   message, the AR on the current subnet sends a router information
   reply message carrying the network information of Table 1. The MN
   then receives this reply message and caches the information on all
   ARs. Note that this router information request and reply procedure is
   performed only once, at boot time, and thus is not performed during
   real-time communication. In addition, it is assumed that a BS knows
   its NID through a system administrator's presetting.

   Note that a change of BS on the same subnet does not require a change
   of AR, because the handover between two BSs on the same subnet (i.e.,
   between BS1 and BS2) can be carried out using link layer mobility
   without IP mobility. The handover between two such BSs is outside the
   scope of L3 handover mechanisms. However, a change of BS between
   different subnets (i.e., between BS2 and BS3) requires a change of AR
   using IP mobility, because the MN would be attaching to a different
   subnet. In this case, an L3 handover mechanism needs to be invoked in
   order to provide low handover latency between the two ARs. Therefore,
   it is required to know whether the MN changes BS or AR. Note that
   this document borrows all of its terminology from the existing
   mechanisms [2]-[4] and the IEEE 802.16e specification [1].

                 BS3    BS                  BS    BS
                   \    /                     \    /
                 /------\                   /------\
                 |  AR  |                   |  AR  |
                 \------/                   \------/
                 Subnet B                   Subnet D
                /        \                 /        \
               /          \               /          \
              /            \             /            \
             /              \           /              \
        Subnet A             Subnet C                 Subnet E
      /--------\           /-----------\            /-----------\
      |   AR   | ------    |    AR     |            |    AR     |
      \--------/           \-----------/            \-----------/
       /  |  \              /    |    \              /    |    \
      /   |   \            /     |     \            /     |     \
    BS1  BS2   BS         BS    BS    BS           BS    BS    BS

        Figure 2. Mobile IPv6 based IEEE 802.16e Wireless Network

                  Table 1. Information on Access Subnets

   --------------------------------------------------------------
   Subnet    NID     Network Prefix          Candidate Networks
   --------------------------------------------------------------
   A         0x01    3ffe:2e01:2a:101        B, C
   --------------------------------------------------------------
   B         0x02    3ffe:2e01:2a:102        A, C
   --------------------------------------------------------------
   C         0x03    3ffe:2e01:2a:103        A, B, D
   --------------------------------------------------------------
   D         0x04    3ffe:2e01:2a:104        C, E
   --------------------------------------------------------------
   E         0x05    3ffe:2e01:2a:105        E
   --------------------------------------------------------------

4. New Authorizing Binding Mechanism

4.1 Tradeoff between Security and QoS in Mobile IPv6 Handover Procedure

   As shown in [2], during the Mobile IPv6 handover procedure the
   bidirectional tunneling via the home agent cannot be avoided before
   the binding procedure is completed between the MN and the CN. The
   bidirectional tunneling via the home agent does not allow the
   shortest communications path to be used, which causes end-to-end
   delay between the two nodes.
   For example, a VoIP application is much more sensitive to delays than
   its traditional data counterparts. A few seconds' slowdown is
   negligible for downloading a file. However, a mere 150-millisecond
   delay can turn a crisp VoIP call into a garbled, unintelligible mess.
   In addition, the tunneling can also cause congestion at the home
   agent and home link. Moreover, the impact of any possible failure of
   the home agent, or of networks on the path to or from it, increases.
   Therefore, even if no packet loss occurs when using the existing fast
   handover mechanisms [3][4] in Mobile IPv6 based IEEE 802.16e wireless
   networks, the two nodes suffer from significant throughput
   degradation caused by the bidirectional tunneling before the
   authorizing binding procedure is completed. That is, the binding
   procedure using cryptographic functions helps secure the Mobile IPv6
   communication between the two nodes, but it also introduces
   significant QoS issues such as delay and congestion. This means
   there is a tradeoff between security and QoS.

   In order to resolve the above problem, the authorizing binding
   between the two nodes should be completed in as short a time as
   possible. However, as shown in [2], the return routability (RR)
   procedure and the binding update (BU) and binding acknowledgement
   (BA) procedure for the authorizing binding mechanism are somewhat
   time-consuming and computationally burdensome, since the
   cryptographic functions for authentication and encryption require
   considerable computation time, which introduces binding latency. In
   particular, if the MN and/or the CN are embedded mobile platforms
   with limited resources (e.g., limited processing capability and
   power), this problem becomes more critical.

4.2 New Return Routability Procedure

   In this section, the RR procedure is newly defined with parameters
   specified by network information on the candidate networks. In
   addition, the cryptographic functions for authentication and
   encryption are also newly defined for the new RR procedure.

   Four Messages for New RR Procedure

   Four messages for the new RR procedure are defined with parameters
   specified by network information on the candidate networks to which
   the MN may newly attach.

   The MN sends a Home Test Init (HoTI) message to the CN (via the home
   agent) to acquire the home keygen tokens for the candidate networks.
   In the message, the field of parameters is defined as follows:

   - Parameters for candidate networks:
     . NIDs
     . care-of addresses
     . home init cookies

   The MN generates home init cookies and care-of addresses for the
   candidate networks and then includes them in the HoTI message as
   parameters.

   The MN sends a Care-of Test Init (CoTI) message to the CN (directly,
   not via the home agent) to acquire the care-of keygen tokens for the
   candidate networks. In the message, the field of parameters is
   defined as follows:

   - Parameters for candidate networks:
     . NIDs
     . care-of addresses
     . care-of init cookies

   The MN generates care-of init cookies and care-of addresses for the
   candidate networks and then includes them in the CoTI message.

   The Home Test (HoT) message is sent in response to a HoTI message. It
   is sent via the home agent. In the message, the field of parameters
   is defined as follows:

   - Parameters for candidate networks:
     . NIDs
     . home init cookies
     . home keygen tokens
     . home nonce indices

   The home init cookies from the MN are returned in the HoT message, to
   ensure that the message comes from a node on the route between the
   home agent and the CN. The home nonce indices are delivered to the MN
   to later allow the CN to efficiently find the nonce value that it
   used in creating the home keygen tokens. The CN returns the home init
   cookies and generates the home keygen tokens and home nonce indices
   for the candidate networks, and includes them in the HoT message as
   parameters. The cryptographic function used to obtain the home keygen
   tokens is shown in the following subsection.

   The Care-of Test (CoT) message is sent in response to a CoTI message.
   This message is not sent via the home agent; it is sent directly to
   the MN. In the message, the field of parameters is defined as
   follows:

   - Parameters for candidate networks:
     . NIDs
     . care-of init cookies
     . care-of keygen tokens
     . care-of nonce indices

   The care-of nonce indices are provided to identify the nonces used
   for the care-of keygen tokens. Home and care-of nonce indices may be
   the same, or different, in the HoT and CoT messages. The CN returns
   the care-of init cookies and generates the care-of keygen tokens and
   care-of nonce indices for the candidate networks, and includes them
   in the CoT message as parameters. The cryptographic function used to
   obtain the care-of keygen tokens is shown in the following
   subsection.

   Processing Cryptographic Functions for New RR Procedure

   In the HoT and CoT messages, nonces are random numbers used
   internally by the CN in the creation of the keygen tokens related to
   the RR procedure. The CN has a secret key (Kcn), which must be a
   random number 20 octets in length. The CN generates one secret key
   per NID, and the lifetime of a Kcn is the same as that of a nonce, so
   that a nonce index identifies both the nonce and the Kcn. Using the
   nonce and the Kcn, a keygen token (Kgt) is generated by the CN in the
   RR procedure to enable the MN to compute the binding management key
   needed for the BU and BA procedure. The care-of Kgt is sent by the CN
   in the CoT message. The home Kgt is sent by the CN in the HoT
   message.

   When the CN receives the HoTI message, it generates home keygen
   tokens for the candidate networks. The home Kgt_NID for the
   corresponding NID is computed as follows:

      home keygen token (Kgt_NID) :=
         First (64, HMAC_SHA1 (Kcn_NID, (HoA | nonce_NID | 0)))

   where | denotes bytewise concatenation, as in A | B.
   That is, all of the octets of the datum A appear first in the result,
   followed by all of the octets of the datum B. The final "0" inside
   the HMAC_SHA1 function is a single zero octet, used to distinguish
   home and care-of cookies from each other. nonce_NID is the nonce for
   the corresponding NID identified by the home nonce index.

   When the CN receives the CoTI message, it generates care-of keygen
   tokens for the candidate networks. The care-of Kgt_NID for the
   corresponding NID is computed as follows:

      care-of keygen token (Kgt_NID) :=
         First (64, HMAC_SHA1 (Kcn_NID, (CoA_NID | nonce_NID | 1)))

   where the final "1" inside the HMAC_SHA1 function is a single octet
   containing the hex value 0x01, used to distinguish home and care-of
   cookies from each other. The care-of Kgt_NID is formed from the first
   64 bits of the MAC and sent directly to the MN at its care-of
   address. The care-of init cookie from the CoTI message is returned to
   ensure that the message comes from a node on the route to the CN.
   nonce_NID is the nonce for the corresponding NID identified by the
   care-of nonce index.

4.3 New Binding Update and Acknowledgement Procedure

   When the MN has received both the HoT and CoT messages, the return
   routability procedure is completed. The BU and BA procedure is then
   performed between the MN and the CN for the authorizing binding.
   Therefore, in this section the new BU and BA procedure is defined
   with parameters specified by network information on the candidate
   networks to which the MN may newly attach. In addition, the
   cryptographic functions for authentication and encryption are also
   newly defined for the new BU and BA procedure.

   BU and BA Messages

   The MN sends the BU message to the CN directly. In the BU message,
   the field of parameters is defined as follows:

   - Parameters for candidate networks:
     . NIDs
     . home address
     . sequence number
     . home nonce indices
     . care-of nonce indices
     . binding update keys

   The BU contains the home and care-of nonce indices, indicating to the
   CN which nonces to use to compute the binding management key. The MN
   generates one BU key per NID for the candidate networks and then
   includes them in the BU message as parameters. The cryptographic
   function used to obtain the BU keys is shown in the following
   subsection.

   The BU is in some cases acknowledged by the CN. In the BA message,
   the field of parameters is defined as follows:

   - Parameters for candidate networks:
     . NIDs
     . sequence number
     . binding ack keys

   The CN generates one BA key per NID for the candidate networks and
   then includes them in the BA message. The cryptographic function used
   to obtain the BA keys is shown in the following subsection.

   Processing Cryptographic Functions for New BU and BA Procedure

   When the RR procedure is complete, the MN hashes the tokens together
   to form a 20-octet binding management key for each candidate network.
   The binding management key (Kbm_NID) for the corresponding NID is
   computed as follows:

      Kbm_NID = SHA1 (home Kgt_NID | care-of Kgt_NID)

   Kbm_NID is the key used for the BU and BA procedure of the
   corresponding NID. The RR procedure thus provides a way to create a
   binding management key. The BU may also be used to delete a
   previously established binding. In this case, the care-of Kgt_NID is
   not used. Instead, the Kbm_NID for the corresponding NID is generated
   as follows:

      Kbm_NID = SHA1 (home Kgt_NID)

   In the BU and BA procedure, one BU key and one BA key are required
   per NID, respectively. The BU key (Kbu_NID) for the corresponding NID
   is computed as follows:

      Kbu_NID = First (96, HMAC_SHA1 (Kbm_NID, (CoA_NID | CN | BU)))

   and the BA key (Kba_NID) for the corresponding NID is computed as
   follows:

      Kba_NID = First (96, HMAC_SHA1 (Kbm_NID, (CoA_NID | CN | BA)))
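   The following added example (not part of this draft) implements the
   per-NID derivations of Sections 4.2 and 4.3 in Python and runs them
   for the Section 5 scenario, in which the MN on Network A pre-computes
   bindings for candidate Networks C and E using the prefixes of Table 1.
   The CN and home addresses, the interface identifier, the BU payload
   bytes, 64-bit nonces and the CN-side verification of the received
   Kbu_NID are assumptions of the example, not taken from the draft.

```python
import hashlib
import hmac
import ipaddress
import os

# Network information cached by the MN at boot time (Table 1 of the draft),
# restricted to the candidate networks of the Section 5 scenario (C and E).
CANDIDATES = {  # NID -> network prefix
    0x03: "3ffe:2e01:2a:103::",
    0x05: "3ffe:2e01:2a:105::",
}

def ipv6_bytes(text):
    """Packed 16-octet form of an IPv6 address."""
    return ipaddress.IPv6Address(text).packed

def first(bits, data):
    """First(bits, data): the leading 'bits' bits of data (a multiple of 8)."""
    return data[: bits // 8]

def hmac_sha1(key, data):
    return hmac.new(key, data, hashlib.sha1).digest()

def home_keygen_token(kcn, hoa, nonce):
    # home Kgt_NID := First(64, HMAC_SHA1(Kcn_NID, (HoA | nonce_NID | 0)))
    return first(64, hmac_sha1(kcn, hoa + nonce + b"\x00"))

def careof_keygen_token(kcn, coa, nonce):
    # care-of Kgt_NID := First(64, HMAC_SHA1(Kcn_NID, (CoA_NID | nonce_NID | 1)))
    return first(64, hmac_sha1(kcn, coa + nonce + b"\x01"))

def binding_management_key(home_kgt, careof_kgt=None):
    # Kbm_NID = SHA1(home Kgt_NID | care-of Kgt_NID); a deregistration BU
    # omits the care-of token, giving Kbm_NID = SHA1(home Kgt_NID).
    return hashlib.sha1(home_kgt + (careof_kgt or b"")).digest()

def bu_key(kbm, coa, cn, bu_data):
    # Kbu_NID = First(96, HMAC_SHA1(Kbm_NID, (CoA_NID | CN | BU)))
    return first(96, hmac_sha1(kbm, coa + cn + bu_data))

def ba_key(kbm, coa, cn, ba_data):
    # Kba_NID = First(96, HMAC_SHA1(Kbm_NID, (CoA_NID | CN | BA)))
    return first(96, hmac_sha1(kbm, coa + cn + ba_data))

class CorrespondentNode:
    """CN state: one 20-octet Kcn and a nonce list per NID (a nonce index selects both)."""
    def __init__(self, address, nids):
        self.address = ipv6_bytes(address)
        self.kcn = {nid: os.urandom(20) for nid in nids}
        self.nonces = {nid: [os.urandom(8)] for nid in nids}  # assumed 64-bit nonces

    def home_test(self, nid, hoa):
        # HoT parameter for one NID: (home keygen token, home nonce index)
        idx = len(self.nonces[nid]) - 1
        return home_keygen_token(self.kcn[nid], hoa, self.nonces[nid][idx]), idx

    def careof_test(self, nid, coa):
        # CoT parameter for one NID: (care-of keygen token, care-of nonce index)
        idx = len(self.nonces[nid]) - 1
        return careof_keygen_token(self.kcn[nid], coa, self.nonces[nid][idx]), idx

    def verify_bu(self, nid, hoa, coa, home_idx, careof_idx, bu_data, kbu):
        # Recompute Kbm_NID from the indexed nonces (no per-MN state needed)
        # and compare the received Kbu_NID in constant time.
        home_kgt = home_keygen_token(self.kcn[nid], hoa, self.nonces[nid][home_idx])
        careof_kgt = careof_keygen_token(self.kcn[nid], coa, self.nonces[nid][careof_idx])
        kbm = binding_management_key(home_kgt, careof_kgt)
        return hmac.compare_digest(kbu, bu_key(kbm, coa, self.address, bu_data))

def prebind(cn, hoa, iid, bu_data):
    """MN side, before handover: for every candidate NID form the CoA from the cached
    prefix, run RR and derive Kbu_NID.  Returns NID -> (CoA, home idx, care-of idx, Kbu)."""
    result = {}
    for nid, prefix in CANDIDATES.items():
        coa = (ipaddress.IPv6Address(prefix) + iid).packed  # prefix | interface id
        home_kgt, home_idx = cn.home_test(nid, hoa)         # HoTI -> HoT (via HA)
        careof_kgt, careof_idx = cn.careof_test(nid, coa)   # CoTI -> CoT (direct)
        kbm = binding_management_key(home_kgt, careof_kgt)
        result[nid] = (coa, home_idx, careof_idx, bu_key(kbm, coa, cn.address, bu_data))
    return result
```

   Because the CN derives Kbm_NID from its own Kcn and the indexed nonce,
   it needs no stored state per MN, and a BU whose payload or CoA was
   altered in transit fails the check.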
5. Operation Procedure of Proposed Mechanism

   To describe the operation procedure of the proposed mechanism, it is
   assumed that the MN moves from the home network 'Network A' to
   'Network C' and then moves to 'Network E'. In the proposed mechanism,
   while the MN is on 'Network A', the MN creates CoAs and performs the
   new authorizing binding for the candidate networks 'Network C' and
   'Network E' at an appropriate time, using the network information
   cached beforehand, such as the network prefixes and NIDs shown in
   Table 1. After the movement detection, direct communication between
   the MN and the CN can be started on 'Network C' without the CoA
   configuration and the authorizing binding. In particular, the
   authorizing binding latency between the two nodes can be reduced
   remarkably, because the somewhat time-consuming and computationally
   burdensome tasks are performed beforehand. On the other hand, in the
   existing mechanisms [2]-[4], these time-consuming and computationally
   burdensome tasks for authorizing binding are performed during the
   Mobile IPv6 handover procedure. Therefore, the proposed mechanism
   provides fast authorizing binding, which reduces the binding latency
   between the two nodes and thus reduces the throughput degradation
   caused by bidirectional tunneling.

6. References

6.1 Normative

   [1] IEEE 802.16 TGe Working Document (Draft Standard), "Amendment for
       Physical and Medium Access Control Layers for Combined Fixed and
       Mobile Operation in Licensed Bands", 802.16e/D12, October 2005.

   [2] Johnson, D.B., Perkins, C.E., Arkko, J., "Mobility Support in
       IPv6", IETF RFC 3775, June 2004.

   [3] Jang, H., "Mobile IPv6 Fast Handovers over IEEE 802.16e
       Networks", IETF Draft draft-jang-mipshop-fh80216e-02.txt,
       February 2006.

   [4] Koodli, R., "Fast Handovers for Mobile IPv6", IETF RFC 4068,
       July 2005.
6.2 Informative

   None

Authors' Addresses

   Pyungsoo Kim
   Department of Electronics Engineering,
   Korea Polytechnic University,
   2121 Jungwang-Dong, Shiheung City,
   Gyeonggi-Do 429-793
   KOREA

   Phone: +82 31 8041 0489
   EMail: pskim@kpu.ac.kr

Full Copyright Statement

   Copyright (C) The IETF Trust (2007).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights. Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard. Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgment

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).