Analysis of the HIP base exchange protocol

Authors:
Tuomas Aura;Aarthi Nagarajan;Andrei Gurtov
Affiliations:
Microsoft Research, Cambridge, United Kingdom;Technische Universität Hamburg-Harburg, Germany;Helsinki Institute for Information Technology, Finland
Venue:
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Year:
2005

Citing 3
Cited 8

Key Exchange in IPSec: Analysis of IKE

IEEE Internet Computing
Pricing via Processing or Combatting Junk Mail

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
DOS-Resistant Authentication with Client Puzzles

Revised Papers from the 8th International Workshop on Security Protocols

Cost-based and time-based analysis of DoS-resistance in HIP

ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Timed analysis of security protocols

Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Experimental measurements of host identity protocol for mobile nodes' networks

Journal of Computer Systems, Networks, and Communications
Security analysis of the proposed practical security mechanisms for high speed data transfer protocol

AST/UCMA/ISA/ACN'10 Proceedings of the 2010 international conference on Advances in computer science and information technology
Anchor-less secure session mobility

Proceedings of the 15th international conference on Security protocols
Examining the dos resistance of HIP

OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I
Sybil-resistant DHT routing

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Multi-layer security analysis and experimentation of high speed protocol data transfer for GRID

International Journal of Grid and Utility Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Host Identity Protocol (HIP) is an Internet security and multi-addressing mechanism specified by the IETF. HIP introduces a new layer between the transport and network layers of the TCP/IP stack that maps host identifiers to network locations, thus separating the two conflicting roles that IP addresses have in the current Internet. This paper analyzes the security and functionality of the HIP base exchange, which is a classic key exchange protocol with some novel features for authentication and DoS protection. The base exchange is the most stable part of the HIP specification with multiple existing implementations. We point out several security issues in the current protocol and propose changes that are compatible with the goals of HIP.