Authenticated binding update in Mobile IPv6 networks

Mobile IPv6 allows mobile nodes to remain reachable while moving around in the Internet. In Mobile IPv6, each mobile node is always identified by its home address, regardless of its current point of attachment to the Internet. While situated away from its home, a mobile node is also associated with a care-of address, which provides information about the mobile node´s current location. This chapter reviews security threats and solutions in Mobile IPv6 with particular emphasis on security of binding update operation - a central and mandatory operation to achieve efficient mobility support in Mobile IPv6. The binding update operation allows a mobile node to inform its home agent and its correspondent nodes about its new care-of address. Unauthenticated or malicious binding updates, however, open the door for intruders to perform redirect attacks - malicious acts which redirect traffic from home agent or correspondent nodes to locations chosen by intruders. We present various methods for securing the binding update operation, analyze their security and performance, and point out possible future research directions.