Secure AAA and Mobility for Nested Mobile Networks

Abstract

Network mobility (NEMO) allows an entire network to change its point of attachment to Internet. The NEMO basic support protocol has been specified recently, however Authentication Authorization and Accounting (AAA) issues have not been covered. Moreover the use of IPsec to secure NEMO procedures does not provide robustness against leakage of stored secrets. To address this security issue and to achieve AAA with mobility, we propose a new handover mechanism to be performed by Visiting Mobile Routers attached to a Mobile Router that serves as the gateway to the Internet (i.e. nested NEMO). This new AAA and handover procedure is based on Leakage Resilient-Authenticated Key Establishment (LR-AKE) protocol but new features are added to provide robustness against leakage of stored secrets at the server side.