WO2009067905A1 - A method, system and apparatus for preventing hostile attack - Google Patents

A method, system and apparatus for preventing hostile attack Download PDF

Info

Publication number
WO2009067905A1
WO2009067905A1 PCT/CN2008/072984 CN2008072984W WO2009067905A1 WO 2009067905 A1 WO2009067905 A1 WO 2009067905A1 CN 2008072984 W CN2008072984 W CN 2008072984W WO 2009067905 A1 WO2009067905 A1 WO 2009067905A1
Authority
WO
WIPO (PCT)
Prior art keywords
credential
binding update
update message
proxy binding
aaa server
Prior art date
Application number
PCT/CN2008/072984
Other languages
French (fr)
Chinese (zh)
Inventor
Jing Chen
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2009067905A1 publication Critical patent/WO2009067905A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A method, system and apparatus for preventing hostile attack are disclosed. The method includes: obtaining the certification which is used to protect proxy binding update message; sending the proxy binding update message which is protected by the certification to local mobility anchor; receiving proxy binding acknowledgement returned by the local mobile anchor after it authenticated the proxy binding update message. The system includes: PMIP tunnel's origin point and PMIP tunnel's end point; the PMIP tunnel's origin point obtains the certification which is used to protect the proxy binding update message of the PMIP tunnel, then sends the proxy binding update message which is protected by the certification to the PMIP tunnel's end point; the PMIP tunnel's end point authenticates the proxy binding update message. The problem brought by hostile attack of MAG is avoided by obtaining a certification, protecting the proxy binding update message by the certification, and authenticating the proxy binding update message.

Description

防止恶意攻击的方法、 系统和装置 本申请要求于 2007年 11月 8日提交中国专利局、 申请号为 200710124445.0、 发明名称 为"防止恶意攻击的方法、 系统和装置"的中国专利申请的优先权, 其全部内容通过引用结合 在本申请中。  METHOD , SYSTEM AND APPARATUS FOR PREVENTING SECURITY ATTACKS This application claims priority to Chinese Patent Application filed on November 8, 2007, the Chinese Patent Office, Application No. 200710124445.0, entitled "Methods, Systems and Devices for Preventing Malicious Attacks" The entire contents of which are incorporated herein by reference.
 Say
技术领域 Technical field
本发明涉及通信技术领域, 尤其涉及 MIP (Mobile IP, 移动 IP) 注册过程中防止恶意攻 击的方法、 系统和装置。  The present invention relates to the field of communications technologies, and in particular, to a method, system and apparatus for preventing malicious attacks during MIP (Mobile IP) registration.
 Book
背景技术 Background technique
MIP( Mobile IP,移动 IP)是一种基于 IP的三层移动技术,其主要作用在于使得 MN(Mobile MIP (Mobile IP, Mobile IP) is an IP-based three-layer mobile technology whose main role is to make MN (Mobile)
Node, 移动节点) 离开其归属网络时, 仍然可以使用其在归属网络的地址 (家乡地址) 进行 通信。 MIP的基本工作原理简述如下: Node, mobile node) can still use its home network address (home address) to communicate when leaving its home network. The basic working principle of MIP is as follows:
1 ) MN漫游到非家乡网络, 获得一个本地 IP地址 (转交地址);  1) The MN roams to the non-home network and obtains a local IP address (care-of address);
2) MN发送绑定更新消息给家乡代理(Home Agent, HA), 将其转交地址和家乡地址进 行绑定;  2) The MN sends a binding update message to the Home Agent (HA), and binds its care-of address to the home address;
3 ) HA广播其对家乡地址的可达性, 从而接收所有发送给 MN的数据包。 HA根据家乡 地址和转交地址的绑定关系, 将所有发送给 MN的数据包转发给 MN。  3) HA broadcasts its reachability to the home address, thereby receiving all packets sent to the MN. The HA forwards all data packets sent to the MN to the MN according to the binding relationship between the home address and the care-of address.
4) MN发送的数据包按照正常的路由方式路由给网络的其他节点。  4) The data packets sent by the MN are routed to other nodes of the network according to the normal routing method.
MIP 消息中绑定更新消息 (binding update , BU ) 和绑定更新响应 (binding acknowledgement, BA)需要提供安全保护, 防止攻击者伪造 BU消息或 BA消息来错误地更 新 HA上转交地址和家乡地址的绑定关系, 从而将 MN的数据包路由到错误的节点上, 实现 对用户的拒绝服务攻击、 窃听攻击等。  The binding update message (BU) and the binding acknowledgement (BA) in the MIP message need to provide security protection to prevent the attacker from forging the BU message or the BA message to incorrectly update the care-of address and home address on the HA. The binding relationship is used to route the MN's data packet to the wrong node to implement a denial of service attack and eavesdropping attack on the user.
MIP按照协议的版本分可以分为 MIPv4和 MIPv6, 按照绑定更新消息的发起者可以分为 基于主机的 CMIP ( Client MIP)和基于网络的 PMIP (Proxy MIP)。 PMIP的优点在于 MN不 需要实现 MIP协议, 所有的 MIP操作在网络侧完成。 PMIPv6的工作原理描述如下:  MIP can be divided into MIPv4 and MIPv6 according to the version of the protocol. The initiators of the binding update message can be divided into host-based CMIP (Client MIP) and network-based PMIP (Proxy MIP). The advantage of PMIP is that the MN does not need to implement the MIP protocol, and all MIP operations are done on the network side. The working principle of PMIPv6 is described as follows:
1 ) 网络侧的移动接入网关 (Mobile Access Gateway, MAG) 代替 MN发送绑定更新消 息给本地移动锚点 (Local Mobility Agent, LMA), 1) The mobile access gateway (MAG) on the network side sends the binding update cancellation instead of the MN. Information to the Local Mobility Agent (LMA),
2) LMA收集所有发送给 MN的数据包, 并将其转发给 MAG。 MAG再将数据包转发给 画。  2) The LMA collects all packets sent to the MN and forwards them to the MAG. The MAG then forwards the packet to the picture.
在 PMIPv6中,代理绑定更新消息(proxy binding update, PBU)和代理绑定更新响应(proxy binding acknowledgement, PBA) 也需要进行安全保护。 在 PMIPv6中, 使用 MAG和 LMA 之间的 IP网络安全协议 (IP security protocol, IPsec) 对 PBU和 PBA消息进行安全保护。  In PMIPv6, proxy binding update (PBU) and proxy binding acknowledgement (PBA) also need to be secured. In PMIPv6, IP security protocols (IPsec) between MAG and LMA are used to secure PBU and PBA messages.
但是, 由于 PBU消息由网络侧的实体 MAG代替 MN发送, 因此仅用 MAG和 LMA之 间的 IPsec对 PBU和 PB A消息进行安全保护是不够的。这是因为: 一个恶意的 MAG可以代 表任何 MN向 LMA发送 PBU消息, 从而修改任何 MN在 LMA的地址绑定关系。 这样一个 恶意的 MAG可能对其他 MAG控制下的 MN的安全造成如下影响:  However, since the PBU message is sent by the entity MAG on the network side instead of the MN, it is not enough to secure the PBU and PB A messages only by IPsec between the MAG and the LMA. This is because: A malicious MAG can send any PNB message to the LMA on behalf of any MN, thus modifying the address binding relationship of any MN in the LMA. Such a malicious MAG may have the following effects on the security of MNs under other MAG control:
1 ) 恶意的 MAG可以代表用户发送 PBU消息, 这样这个用户的数据将流到这个恶意的 MAG上, 恶意的 MAG可以获取用户的数据。  1) A malicious MAG can send a PBU message on behalf of the user, so that the user's data will flow to the malicious MAG, and the malicious MAG can obtain the user's data.
2) 恶意的 MAG可以代表用户发送 PBU消息来改变用户的绑定信息, 这样可以实施对 用户的拒绝服务攻击。  2) A malicious MAG can send a PBU message on behalf of a user to change the binding information of the user, so that a denial of service attack against the user can be implemented.
3 ) 恶意的 MAG使用用户的 PBU消息来进行 MIP注册, 从而获得业务, 并将费用记在 这个用户上。  3) The malicious MAG uses the user's PBU message to register with the MIP, thereby obtaining the service and recording the fee on the user.
而目前并没有技术能够解决恶意 MAG攻击所带来的问题。 发明内容  At present, there is no technology that can solve the problems caused by malicious MAG attacks. Summary of the invention
本发明的实施例提供防止恶意攻击的方法、 系统和相应的装置, 以解决前面提到的现有 技术中存在的问题。  Embodiments of the present invention provide methods, systems, and corresponding apparatus for preventing malicious attacks to solve the problems of the prior art mentioned above.
为达到上述目的, 提供一种防止恶意攻击的方法, 包括如下步骤:  To achieve the above objective, a method for preventing malicious attacks is provided, which includes the following steps:
移动接入网关获得用于保护绑定更新消息的信任状;  The mobile access gateway obtains a credential for protecting the binding update message;
移动接入网关向本地移动锚点发送利用该信任状进行保护的绑定更新消息;  The mobile access gateway sends a binding update message that is protected by the credential to the local mobility anchor point;
本地移动锚点验证该绑定更新消息。  The local mobility anchor verifies the binding update message.
还提供一种防止恶意攻击的方法, 包括如下步骤:  A method of preventing malicious attacks is also provided, including the following steps:
一段 PMIP隧道的起点获得用于保护该段 PMIP隧道的绑定更新消息的信任状; 该 PMIP隧道的起点向该段 PMIP隧道的终点发送利用该信任状进行保护的绑定更新消 息;  The start point of the segment of the PMIP tunnel obtains a credential for protecting the binding update message of the PMIP tunnel; the starting point of the PMIP tunnel sends a binding update message that is protected by the credential to the end of the PMIP tunnel;
该 PMIP隧道的终点验证该绑定更新消息。 还提供一种防止恶意攻击的系统, 该系统包括 PMIP隧道的起点和 PMIP隧道的终点; 该 PMIP隧道的起点获得用于保护该段 PMIP隧道的绑定更新消息的信任状, 向该 PMIP 隧道的终点发送利用该信任状进行保护的绑定更新消息; The end of the PMIP tunnel verifies the binding update message. A system for preventing malicious attacks is also provided, the system comprising a starting point of a PMIP tunnel and an end point of a PMIP tunnel; a starting point of the PMIP tunnel obtaining a credential for protecting a binding update message of the segment PMIP tunnel, to the PMIP tunnel The end point sends a binding update message that is protected by the credential;
该 PMIP隧道的终点验证该绑定更新消息。  The end of the PMIP tunnel verifies the binding update message.
还提供一种 PMIP隧道的起点装置, 所述装置包括:  A starting point device for a PMIP tunnel is also provided, the device comprising:
信任状获取单元: 用于获取保护 PMIP隧道的绑定更新消息的信任状, 并将该信任状提 供给消息发送单元;  a credential obtaining unit: configured to obtain a credential of a binding update message that protects the PMIP tunnel, and provide the credential to the message sending unit;
消息发送单元: 用于向 PMIP隧道的终点发送利用该信任状进行保护的绑定更新消息。 还提供一种 PMIP隧道的终点装置, 该装置包括:  The message sending unit is configured to send a binding update message that is protected by the credential to the end point of the PMIP tunnel. A terminal device for a PMIP tunnel is also provided, the device comprising:
消息接收单元: 用于接收 PMIP隧道的起点发送的利用信任状进行保护的绑定更新消息; 验证单元: 用于验证该绑定更新消息。  a message receiving unit: configured to receive a binding update message that is protected by a credential sent by a starting point of the PMIP tunnel; and a verification unit: configured to verify the binding update message.
还提供一种家乡 AAA服务器, 该家乡 AAA服务器包括:  There is also a home AAA server, which includes:
消息接收单元:用于接收 PMIP隧道的终点发送的要求验证 MN-AAA认证扩展的请求消 息;  a message receiving unit: a request message for receiving an end point of the PMIP tunnel and requesting verification of the MN-AAA authentication extension;
验证单元: 用于验证该 MN- AAA认证扩展;  Verification unit: used to verify the MN-AAA authentication extension;
消息发送单元: 用于在验证成功后, 发送验证成功消息。  Message sending unit: Used to send a verification success message after the verification is successful.
还提供一种家乡 AAA服务器, 该家乡 AAA服务器包括:  There is also a home AAA server, which includes:
消息接收单元: 用于接收 PMIP隧道的终点发送的要求获得信任状的请求消息, 并触发 消息发送单元;  a message receiving unit: configured to receive a request message for obtaining a credential sent by an end point of the PMIP tunnel, and trigger a message sending unit;
消息发送单元: 用于将验证绑定更新消息所需的信任状发送给该 PMIP隧道的终点。 通过让移动接入网关获得一个信任状, 利用该信任状对绑定更新消息进行保护, 并验证 该绑定更新消息使得只有当前为移动节点提供服务的移动接入网关才能代理移动节点发送绑 定更新消息, 从而避免恶意 MAG攻击所带来的问题。 附图说明  Message sending unit: Used to send the credential required to verify the binding update message to the end point of the PMIP tunnel. By having the mobile access gateway obtain a credential, the binding update message is protected by the credential, and the binding update message is verified so that only the mobile access gateway currently serving the mobile node can proxy the mobile node to send the binding. Update the message to avoid problems caused by malicious MAG attacks. DRAWINGS
图 1是本发明实施例一中防止恶意攻击方法的流程图;  1 is a flowchart of a method for preventing malicious attacks in Embodiment 1 of the present invention;
图 2是本发明实施例二中防止恶意攻击方法的流程图;  2 is a flowchart of a method for preventing malicious attacks in Embodiment 2 of the present invention;
图 3是本发明实施例三中防止恶意攻击方法的流程图;  3 is a flowchart of a method for preventing malicious attacks in Embodiment 3 of the present invention;
图 4是本发明实施例四中防止恶意攻击方法的流程图;  4 is a flowchart of a method for preventing malicious attacks in Embodiment 4 of the present invention;
图 5是本发明实施例五中防止恶意攻击方法的流程图; 图 6是本发明实施例六中防止恶意攻击系统的示意图; 5 is a flowchart of a method for preventing malicious attacks in Embodiment 5 of the present invention; 6 is a schematic diagram of a system for preventing malicious attacks in Embodiment 6 of the present invention;
图 7是本发明实施例七中 PMIP隧道的起点装置的示意图;  7 is a schematic diagram of a starting point device of a PMIP tunnel in Embodiment 7 of the present invention;
图 8是本发明实施例八中 PMIP隧道的终点装置的示意图;  8 is a schematic diagram of an end device of a PMIP tunnel in Embodiment 8 of the present invention;
图 9是本发明实施例九中家乡 AAA服务器的示意图;  9 is a schematic diagram of a hometown AAA server according to Embodiment 9 of the present invention;
图 10是本发明实施例十中家乡 AAA服务器的示意图。 具体实施方式  FIG. 10 is a schematic diagram of a hometown AAA server according to an embodiment of the present invention. detailed description
以下提供若干实施例,这些实施例所提供的方案使得当前不为某个 MN提供服务的 MAG 无法代理该 MN发送有效的 PBU, 从而解决现有技术中存在的问题, 实现本发明的目的。  Several embodiments are provided below. The solutions provided by these embodiments enable a MAG that does not currently provide a service for a certain MN to send a valid PBU to the MN, thereby solving the problems in the prior art and achieving the object of the present invention.
本发明实施例提供的防止恶意攻击的方法, 包括: 获取用于保护代理绑定更新消息的信 任状; 向本地移动锚点发送利用所述信任状进行保护的代理绑定更新消息; 接收所述本地移 动锚点验证所述代理绑定更新消息后返回的代理绑定更新响应。  The method for preventing a malicious attack provided by the embodiment of the present invention includes: acquiring a credential for protecting a proxy binding update message; and sending, to a local mobility anchor, a proxy binding update message that is protected by using the credential; The local mobility anchor verifies the proxy binding update response returned after the proxy binding update message.
本发明的实施例一提供了一种防止恶意攻击的方法, 如图 1所示, 包括:  A first embodiment of the present invention provides a method for preventing a malicious attack. As shown in FIG. 1, the method includes:
步骤 101 : MN与 MAG进行接入认证,接入认证过程需要家乡 AAA服务器(Home AAA Server, HAAA) 的参与。 MAG和 HAAA之间还可能存在代理 AAA服务器。  Step 101: The MN and the MAG perform access authentication, and the access authentication process requires the participation of a home AAA server (HAAA). There may also be a proxy AAA server between MAG and HAAA.
步骤 102:接入认证成功后, HAAA生成 MAG使用的信任状,并将该信任状发送给 MAG。 步骤 102可以在步骤 101之后完成, 也可以作为步骤 101中的一个具体步骤来实现。  Step 102: After the access authentication succeeds, the HAAA generates a credential used by the MAG, and sends the credential to the MAG. Step 102 can be completed after step 101, or can be implemented as a specific step in step 101.
本实施例中的信任状可以有多种, 例如, HAAA计算得到的密钥等等。  The credentials in this embodiment may be various, for example, a key calculated by HAAA or the like.
步骤 103: MAG向 LMA发送 PBU消息, 该 PBU消息利用上述信任状进行保护。  Step 103: The MAG sends a PBU message to the LMA, where the PBU message is protected by using the above-mentioned trust.
步骤 104: LMA与 HAAA进行交互, 对该 PBU进行验证。  Step 104: The LMA interacts with the HAAA to verify the PBU.
步骤 105: 验证成功后, 向 MAG返回 PBA消息。  Step 105: After the verification is successful, return a PBA message to the MAG.
在上述步骤的基础上, 当 MN更换为其提供服务的 MAG后, HAAA会为新的 MAG生 成新的信任状, 这样, 旧的 MAG就无法利用其保存的信任状, 因为, 如果旧的 MAG发送 利用旧的信任状进行保护的 PBU消息, 该 PBU将被拒绝, HAAA不会通过验证。  Based on the above steps, after the MN replaces the MAG that provides the service, HAAA will generate a new credential for the new MAG, so that the old MAG cannot use its saved credential, because, if the old MAG Send a PBU message protected with the old credential, the PBU will be rejected, and HAAA will not pass the verification.
通过实施例一所述的方法, 使得只有当前为 MN提供服务的 MAG能够拥有正确的信任 状, 并代理 MN发送绑定更新消息。 这就使得恶意的 MAG无法修改 MN在 LMA的地址绑 定关系, 避免恶意 MAG攻击所带来的问题。  By the method described in the first embodiment, only the MAG currently serving the MN can have the correct trust, and the proxy MN sends the binding update message. This makes it impossible for a malicious MAG to modify the address binding relationship of the MN in the LMA to avoid the problems caused by malicious MAG attacks.
需要指出的是, 上述步骤 101和步骤 105是为了便于技术人员了解具体流程而写, 对于 实现本发明的目的来说并不是必需的。 本领域技术人员应该知道: 对于防止恶意攻击这一目 的来说, 只要具备上述实施例一中的步骤 102〜步骤 104就足够了, 且本领域技术人员还能 够知道: 在后续其他实施例中, 类似步骤 101和步骤 105的步骤对于实现本发明的目的来说 也不是必需的。 本发明的实施例二提供了一种防止恶意攻击的方法, 如图 2所示, 包括: It should be noted that the above steps 101 and 105 are written to facilitate the technician to understand the specific process, and are not necessary for the purpose of implementing the present invention. It should be known to those skilled in the art that it is sufficient for the purpose of preventing malicious attacks, as long as the steps 102 to 104 in the first embodiment are provided, and those skilled in the art can It is sufficient to know that in subsequent embodiments, steps similar to steps 101 and 105 are not necessary for the purposes of the present invention. A second embodiment of the present invention provides a method for preventing a malicious attack. As shown in FIG. 2, the method includes:
步骤 201 : 画 禾 P MAG、 HAAA执行 EAP AKA (Extensible Authentication Protocol- Step 201: Draw P MAG, HAAA Execute EAP AKA (Extensible Authentication Protocol-
Authentication and Key Agreement, 认证和密钥认同的可扩展认证协议 ) 认证过程进行接入认 证。 Authentication and Key Agreement, Extensible Authentication Protocol for Authentication and Key Identity) The authentication process performs access authentication.
步骤 202: 完成对 MN的认证后, HAAA和 MN共享密钥 Ks。 Ks是 EAP AKA认证过程 的结果。 如 Ks = CK||IK, 其中, CK和 IK为认证向量中的密钥, 由归属用户服务器 (Home Subscriber Server, HSS)发送到 HAAA。 MN利用通用移动通信系统用户标识模块(Universal Mobile Telecommunications System Subscriber Identity Module,UMTS USIM) 计算得到 CK和 IK;或者 Ks为 HAAA根据 CK禾 P/或 IK推演得到的密钥,如 Ks=KDF(CK||IK, MAG ID,…)。 HAAA保存 Ks。  Step 202: After completing the authentication of the MN, the HAAA and the MN share the key Ks. Ks is the result of the EAP AKA certification process. For example, Ks = CK||IK, where CK and IK are the keys in the authentication vector, and are sent to HAAA by the Home Subscriber Server (HSS). The MN calculates CK and IK using the Universal Mobile Telecommunications System Subscriber Identity Module (UMTS USIM); or Ks is the key derived by HAAA based on CK and P/ or IK, such as Ks=KDF(CK ||IK, MAG ID,...). HAAA saves Ks.
步骤 203 : HAAA利用 Ks推演得到密钥 K。推演密钥 Κ的参数可以包括 MAG身份 (MAG ID)、 MN身份 (MN ID) 等。  Step 203: HAAA uses Ks to derive the key K. The parameters of the derivation key 可以 may include a MAG identity (MAG ID), a MN identity (MN ID), and the like.
本实施例中, HAAA将得到的密钥 K作为信任状, 该方式是 HAAA生成信任状的一种 方式, 本发明实施例不排除 HAAA还可以通过其它方式生成信任状。  In this embodiment, the HAAA obtains the key K as a credential. The method is a way for the HAAA to generate a credential. The embodiment of the present invention does not exclude that the HAAA can generate a credential by other means.
步骤 204: HAAA将密钥 K发送给 MAG。 如图 2所示, 密钥 K可以携带在 EAP认证成 功消息中。 HAAA和 MAG之间的通信可以采用 IPsec等安全机制保证安全。  Step 204: HAAA sends the key K to the MAG. As shown in Figure 2, the key K can be carried in the EAP authentication success message. The communication between HAAA and MAG can be secured by security mechanisms such as IPsec.
步骤 205: MAG保存密钥 K, 并发送 EAP认证成功消息给 ΜΝ。  Step 205: The MAG saves the key K, and sends an EAP authentication success message to the MA.
步骤 206: MAG代理 MN发送代理绑定更新消息 PBU。 该 PBU利用信任状即密钥 K进 行保护。 具体的保护方法为该 PBU中携带利用密钥 K计算得到的 MN-AAA认证扩展。  Step 206: The MAG proxy MN sends a proxy binding update message PBU. The PBU is protected with a credential, key K. The specific protection method is that the PBU carries the MN-AAA authentication extension calculated by using the key K.
步骤 207: LMA请求 HAAA验证 MN-AAA认证扩展, 也就是验证 PBU消息。  Step 207: The LMA requests the HAAA to verify the MN-AAA authentication extension, that is, to verify the PBU message.
步骤 208: HAAA验证该认证扩展。 具体来说, 如果 HAAA保存了密钥 K, 那么直接利 用密钥 Κ验证 MN-AAA认证扩展; 如果 HAAA没有保存密钥 K, 那么 HAAA利用 Ks推演 得到 K, 然后验证 MN-AAA认证扩展。  Step 208: HAAA verifies the authentication extension. Specifically, if HAAA holds the key K, then the key Κ is used to verify the MN-AAA authentication extension; if HAAA does not save the key K, then HAAA uses Ks to derive K, and then verifies the MN-AAA authentication extension.
步骤 209: 验证成功后, HAAA发送验证成功消息给 LMA。  Step 209: After the verification succeeds, the HAAA sends a verification success message to the LMA.
步骤 210: LMA发送 PB A消息给 MAG。  Step 210: The LMA sends a PB A message to the MAG.
完成上述步骤后, 后续 MAG每次发送 PBU消息时, 都需要携带 MN-AAA认证扩展, 并由 LMA与 HAAA进行交互, 对该 PBU进行验证。 如图 2中步骤 211〜步骤 215所示, 这 些步骤与前述步骤 206〜步骤 210相同。 After the above steps are performed, each subsequent MAG needs to carry the MN-AAA authentication extension, and the LMA interacts with the HAAA to verify the PBU. As shown in step 211 to step 215 in FIG. 2, this These steps are the same as the aforementioned steps 206 to 210.
当 MN更换为其提供服务的 MAG后, MN可能执行重新认证过程, HAAA获得新的 CK 和 /或 IK, 进而更新 Ks; 或者 MN不执行重新认证过程, HAAA感知到 MAG的更换后, 使 用旧的 CK和 /或 IK, 并根据其他的输入参数 (如 MAG ID等) 推演得到新的 Ks。 HAAA在 新的 Ks的基础上为新的 MAG生成新的密钥 K (即信任状), 以使得旧的 MAG无法利用其 保存的密钥 K。因为利用该旧的密钥 Κ进行保护的 PBU消息无法通过验证,其绑定更新请求 将被拒绝。如图 2步骤 216〜步骤 225所示, 是 MN更换为其提供服务的 MAG后, MN执行 重新认证过程的情况下, 防止恶意攻击的方法。 可以看到, 步骤 216〜步骤 225与前述步骤 201〜步骤 210实质上是相同的。  After the MN is replaced with the MAG that provides the service, the MN may perform the re-authentication process, the HAAA obtains a new CK and/or IK, and then updates the Ks; or the MN does not perform the re-authentication process, and the HAAA senses the MAG replacement and uses the old CK and / or IK, and derive new Ks based on other input parameters (such as MAG ID, etc.). HAAA generates a new key K (ie, a credential) for the new MAG based on the new Ks, so that the old MAG cannot use its saved key K. Since the PBU message protected with the old key cannot be verified, its binding update request will be rejected. As shown in step 216 to step 225 of FIG. 2, after the MN replaces the MAG that provides the service, the MN performs a re-authentication process to prevent malicious attacks. It can be seen that steps 216 to 225 are substantially the same as steps 201 to 210 described above.
为了防止重放攻击, MAG可以在上述步骤 206、 步骤 211、步骤 221的 PBU消息中携带 时间戳。  To prevent the replay attack, the MAG may carry the timestamp in the PBU message in the foregoing step 206, step 211, and step 221.
考虑当前为 MN提供服务的 MAG将其密钥 K泄漏给其他 MAG使用的威胁时, 需要分 两种情况讨论:  When considering the threat that the MAG currently serving the MN leaks its key K to other MAGs, it needs to be discussed in two cases:
( 1 )在 HAAA保存密钥 K的情况下, 可以通过将密钥 K和 MAG ID关联保存的方法以 使得密钥 K和 MAG绑定。 当 HAAA查找密钥 K时, 不仅仅根据 MN的身份进行查找, 还 根据 MAG ID一起进行查找。这样当 MAG1将其存储的密钥 K泄漏给 MAG2使用的情况下, MAG2发送的 PBU消息将因无法找到对应的密钥 K而无法通过验证。  (1) In the case where HAAA stores the key K, the key K and the MAG may be bound by a method of associating the key K with the MAG ID. When HAAA finds the key K, it not only searches according to the identity of the MN, but also searches according to the MAG ID. Thus, when MAG1 leaks its stored key K to MAG2, the PBU message sent by MAG2 will not be verified because the corresponding key K cannot be found.
(2) 在 HAAA不保存密钥 K的情况下, 利用 MAG ID作为计算 K的参数。 若 MAG1 将其存储的密钥 K泄漏给 MAG2, MAG2发送的 PBU消息利用密钥 K进行保护, 则 HAAA 根据 MN的身份找到 Ks,继而利用 Ks和 MAG2的身份计算得到密钥 K'。因为计算 K和 K' 使用的 MAG ID不同, 因此两个密钥不同, MAG2发送的 PBU消息无法通过验证。  (2) In the case where HAAA does not save the key K, the MAG ID is used as a parameter for calculating K. If MAG1 leaks its stored key K to MAG2, and the PBU message sent by MAG2 is protected by key K, HAAA finds Ks according to the identity of MN, and then uses Ks and MAG2 to calculate key K'. Because the calculation of K and K' uses different MAG IDs, the two keys are different, and the PBU message sent by MAG2 cannot pass the verification.
通过实施例二所述的方法, 使得只有当前为 MN提供服务的 MAG能够拥有正确的密钥 By the method described in Embodiment 2, only the MAG currently serving the MN can have the correct key.
K (即信任状), 并代理 MN发送绑定更新消息。这就使得恶意的 MAG无法修改 MN在 LMA 的地址绑定关系, 避免恶意 MAG攻击所带来的问题。 K (ie, a credential), and the proxy MN sends a binding update message. This prevents the malicious MAG from modifying the address binding relationship of the MN in the LMA to avoid the problems caused by malicious MAG attacks.
此外, 在 PBU消息中携带时间戳可以防止重放攻击。 将密钥 K和 MAG ID—起保存, 或利用 MAG ID作为计算 K的参数可以防止当前为 MN提供服务的 MAG将其密钥 K泄漏给 其他 MAG使用。 本发明的实施例三提供了一种防止恶意攻击的方法, 如图 3所示, 包括:  In addition, carrying a timestamp in the PBU message can prevent replay attacks. Saving the key K and the MAG ID, or using the MAG ID as the parameter of the calculation K, can prevent the MAG currently serving the MN from leaking its key K to other MAGs. A third embodiment of the present invention provides a method for preventing a malicious attack. As shown in FIG. 3, the method includes:
步骤 301 : MN和 MAG、 HAAA执行 EAP AKA认证过程进行接入认证。 步骤 302: 完成对 MN的认证后, HAAA和 MN共享密钥 Ks。 Ks是 EAP AKA认证过程 的结果。 如 Ks = CK||IK, 其中, CK和 IK为认证向量中的密钥, 由 HSS发送到 HAAA。 MN 利用 UMTS USIM计算得到 CK和 IK;或者 Ks为 HAAA根据 CK和 /或 IK推演得到的密钥, 如 Ks = KDF (CK||IK, MAG ID, · · · )。 HAAA保存 Ks。 Step 301: The MN, the MAG, and the HAAA perform an EAP AKA authentication process to perform access authentication. Step 302: After completing the authentication of the MN, the HAAA and the MN share the key Ks. Ks is the result of the EAP AKA certification process. For example, Ks = CK||IK, where CK and IK are the keys in the authentication vector and are sent by the HSS to HAAA. MN calculates CK and IK using UMTS USIM; or Ks is the key derived by HAAA based on CK and/or IK, such as Ks = KDF (CK||IK, MAG ID, · · · ). HAAA saves Ks.
步骤 303 : HAAA利用 Ks推演得到密钥 K。推演密钥 Κ的参数可以包括 MAG身份 (MAG Step 303: HAAA uses Ks to derive the key K. The parameters of the derivation key 可以 can include the MAG identity (MAG)
ID)、 MN身份 (MN ID) 等。 ID), MN identity (MN ID), etc.
本实施例中, HAAA将得到的密钥 K作为信任状, 该方式是 HAAA生成信任状的一种 方式, 本发明实施例不排除 HAAA还可以通过其它方式生成信任状。  In this embodiment, the HAAA obtains the key K as a credential. The method is a way for the HAAA to generate a credential. The embodiment of the present invention does not exclude that the HAAA can generate a credential by other means.
步骤 304: HAAA将密钥 K发送给 MAG。 如图 3所示, 密钥 K可以携带在 EAP认证成 功消息中。 HAAA和 MAG之间的通信可以采用 IPsec等安全机制保证安全。  Step 304: HAAA sends the key K to the MAG. As shown in Figure 3, the key K can be carried in the EAP authentication success message. The communication between HAAA and MAG can be secured by security mechanisms such as IPsec.
步骤 305: MAG保存密钥 K, 并发送 EAP认证成功消息给 ΜΝ。  Step 305: The MAG saves the key K, and sends an EAP authentication success message to the UI.
步骤 306: MAG代理 ΜΝ发送代理绑定更新消息 PBU。 该 PBU利用信任状即密钥 K进 行保护。 具体的保护方法为该 PBU中携带利用密钥 K计算得到的 MN-AAA认证扩展。  Step 306: The MAG proxy sends a proxy binding update message PBU. The PBU is protected with a credential, key K. The specific protection method is that the PBU carries the MN-AAA authentication extension calculated by using the key K.
步骤 307: LMA请求 HAAA验证 MN-AAA认证扩展, 也就是验证 PBU消息。  Step 307: The LMA requests the HAAA to verify the MN-AAA authentication extension, that is, to verify the PBU message.
步骤 308: HAAA验证该认证扩展。 具体来说, 如果 HAAA保存了密钥 K, 那么直接利 用密钥 Κ验证 MN-AAA认证扩展; 如果 HAAA没有保存密钥 K, 那么 HAAA利用 Ks推演 得到 K, 然后验证 MN-AAA认证扩展。 验证成功后, HAAA生成验证密钥 Kp。 Κρ可以基 于 Ks或者 K生成。 生成 Kp的参数可以包括 HAAA生成的 nonce (时间随机数)、 MAG生 成的 nonce等。  Step 308: HAAA verifies the authentication extension. Specifically, if HAAA holds the key K, then the key Κ is used to verify the MN-AAA authentication extension; if HAAA does not save the key K, then HAAA uses Ks to derive K, and then verifies the MN-AAA authentication extension. After the verification is successful, HAAA generates the verification key Kp. Κρ can be generated based on Ks or K. The parameters for generating Kp may include nonce (time random number) generated by HAAA, nonce generated by MAG, and the like.
步骤 309: 验证成功后, HAAA发送验证成功消息给 LMA。 Kp也被发送给 LMA。 需要指出的是, Kp可以携带在验证成功消息中发送, 也可以通过其他消息发送给 LMA。 步骤 310: LMA发送 PB A消息给 MAG。  Step 309: After the verification succeeds, the HAAA sends a verification success message to the LMA. Kp is also sent to the LMA. It should be noted that Kp can be carried in the verification success message or sent to the LMA through other messages. Step 310: The LMA sends a PB A message to the MAG.
在上述过程中, HAAA将 MAG生成 Kp所需要的参数经由 LMA发送给 MAG。 MAG采 用和 HAAA相同的方法计算得到 Kp。 该步骤并不限定在某个时间点执行。  In the above process, HAAA sends the parameters required by the MAG to generate Kp to the MAG via the LMA. The MAG calculates Kp in the same way as HAAA. This step is not limited to execution at a certain point in time.
完成上述步骤后,后续 MAG每次发送 PBU消息时,可以利用验证密钥 Kp计算 MN-HA 认证扩展或 FA-HA认证扩展。 LMA利用 Kp验证该 MN-HA或 FA-HA认证扩展。 如图 3步 骤 311〜步骤 313所示, 是利用验证密钥 Kp计算 MN-HA认证扩展并进行验证的情况。 采用 这种方法,可以在 LMA上完成对后续 PBU消息的验证,避免每次验证 PBU消息都需要 HAAA 的参与, 从而节省网络资源。  After the above steps are completed, each time the subsequent MAG sends a PBU message, the MN-HA authentication extension or the FA-HA authentication extension can be calculated by using the verification key Kp. The LMA uses Kp to verify the MN-HA or FA-HA authentication extension. As shown in step 3 of FIG. 3 to step 313, the MN-HA authentication extension is calculated and verified by the verification key Kp. In this way, the subsequent PBU message can be verified on the LMA, and the HAAA participation is required to verify the PBU message every time, thereby saving network resources.
验证密钥 Kp可以有生命期, 当生命期到达时, LMA需要删除该 Kp。 这样可以使得 Kp 不会被无限期的使用。 The verification key Kp can have a lifetime, and when the lifetime reaches, the LMA needs to delete the Kp. This can make Kp Will not be used indefinitely.
当 LMA没有相应的 Kp时, LMA会指示 MAG发送携带 MN-AAA认证扩展的 PBU消 息, 然后 MAG和 LMA、 HAAA执行如步骤 306〜步骤 310的步骤来验证 PBU消息, 并使得 LMA获得验证密钥 Kp。  When the LMA does not have a corresponding Kp, the LMA instructs the MAG to send a PBU message carrying the MN-AAA authentication extension, and then the MAG and the LMA, HAAA perform the steps of steps 306 to 310 to verify the PBU message, and cause the LMA to obtain the verification key. Kp.
当 ΜΝ更换为其提供服务的 MAG后, MN可能执行重新认证过程, HAAA获得新的 CK 和 /或 IK, 进而更新 Ks; 或者 MN不执行重新认证过程, HAAA感知到 MAG的更换后, 使 用旧的 CK和 /或 IK, 并根据其他的输入参数 (如 MAG ID等) 推演得到新的 Ks。 HAAA在 新的 Ks的基础上为新的 MAG生成新的密钥 K (即信任状)。 当 HAAA验证新的 MAG发来 的 PBU消息时, 也生成新的 Kp。 HAAA将生成的新的 Kp发送给 LMA; 将 MAG生成新的 Kp所需要的参数经由 LMA发送给新的 MAG。LMA需要删除旧的 Kp,LMA可以在发送 PBA 消息后删除旧的 Kp, 也可以在收到新的 Kp后立即删除旧的 Κρ。 通过以上方法, 旧的 MAG 无法利用其保存的密钥 K, 也无法生成新的 Κρ。 因此其绑定更新请求将被拒绝。 如图 3步骤 314〜步骤 324所示, 是 ΜΝ更换为其提供服务的 MAG后, 防止恶意攻击的方法。 在图 3所 示的流程中, MN更换 MAG后重新进行接入认证,且 LMA在发送 PBA消息后删除旧的 Kp。  After replacing the MAG that provides the service, the MN may perform the re-authentication process, the HAAA obtains the new CK and/or IK, and then updates the Ks; or the MN does not perform the re-authentication process, and the HAAA senses the MAG replacement and uses the old CK and / or IK, and derive new Ks based on other input parameters (such as MAG ID, etc.). HAAA generates a new key K (ie, a credential) for the new MAG based on the new Ks. When HAAA verifies the PBU message sent by the new MAG, a new Kp is also generated. HAAA sends the generated new Kp to the LMA; the parameters required by the MAG to generate a new Kp are sent to the new MAG via the LMA. The LMA needs to delete the old Kp. The LMA can delete the old Kp after sending the PBA message, or delete the old Κρ immediately after receiving the new Kp. Through the above method, the old MAG cannot use its saved key K, nor can it generate a new Κρ. Therefore its binding update request will be rejected. As shown in step 314 to step 324 of Figure 3, it is a method to prevent malicious attacks after replacing the MAG that provides services. In the process shown in Figure 3, after the MN replaces the MAG, the access authentication is performed again, and the LMA deletes the old Kp after sending the PBA message.
为了防止重放攻击, MAG可以在上述步骤 306、 步骤 311、步骤 319的 PBU消息中携带 时间戳。  To prevent the replay attack, the MAG may carry a timestamp in the PBU message in the foregoing step 306, step 311, and step 319.
考虑 MAG将其存储的密钥 K泄漏给其他 MAG使用的威胁分析和实施例二相同。 考虑 MAG将其存储的验证密钥 Kp泄漏给其他 MAG使用的威胁时,由于 LMA保存验证密钥 Kp, 因此可以通过将验证密钥 Kp和 MAG ID关联保存的方式将 Kp和 MAG绑定。 这样 MAG1 将其存储的验证密钥 Kp泄漏给 MAG2使用的情况下, MAG2发送的 PBU消息将因无法找到 对应的验证密钥 Kp而无法通过验证。 本发明的实施例四提供了一种防止恶意攻击的方法, 如图 4所示, 包括:  The threat analysis that considers that the MAG leaks its stored key K to other MAGs is the same as in the second embodiment. Considering that the MAG leaks its stored authentication key Kp to the threat used by other MAGs, since the LMA saves the authentication key Kp, Kp and MAG can be bound by storing the authentication key Kp and the MAG ID in association. If MAG1 leaks its stored authentication key Kp to MAG2, the PBU message sent by MAG2 will fail to pass the verification because it cannot find the corresponding authentication key Kp. A fourth embodiment of the present invention provides a method for preventing a malicious attack. As shown in FIG. 4, the method includes:
步骤 401: MN和 MAG、 HAAA执行 EAP AKA认证过程进行接入认证。  Step 401: The MN, the MAG, and the HAAA perform an EAP AKA authentication process to perform access authentication.
步骤 402: 完成对 MN的认证后, HAAA和 MN共享密钥 Ks。 Ks是 EAP AKA认证过程 的结果。 如 Ks = CK||IK, 其中, CK和 IK为认证向量中的密钥, 由 HSS发送到 HAAA。 MN 利用 UMTS USIM计算得到 CK和 IK;或者 Ks为 HAAA根据 CK和 /或 IK推演得到的密钥, 如 Ks = KDF (CK||IK, MAG ID, ··· )。 HAAA保存 Ks。  Step 402: After completing the authentication of the MN, the HAAA and the MN share the key Ks. Ks is the result of the EAP AKA certification process. For example, Ks = CK||IK, where CK and IK are the keys in the authentication vector and are sent by the HSS to HAAA. MN uses UMTS USIM to calculate CK and IK; or Ks is the key that HAAA derives from CK and / or IK, such as Ks = KDF (CK||IK, MAG ID, ··· ). HAAA saves Ks.
步骤 403 : HAAA利用 Ks推演得到密钥 K。推演密钥 Κ的参数可以包括 MAG身份 (MAG ID)、 MN身份 (MN ID) 等。 本实施例中, HAAA将得到的密钥 K作为信任状, 该方式是 ΗΑΑΑ生成信任状的一种 方式, 本发明实施例不排除 ΗΑΑΑ还可以通过其它方式生成信任状。 Step 403: HAAA uses Ks to derive the key K. The parameters of the derivation key 可以 may include a MAG identity (MAG ID), a MN identity (MN ID), and the like. In this embodiment, the HAAA uses the obtained key K as a credential. This method is a way to generate a credential. The embodiment of the present invention does not exclude that the credential can be generated by other means.
步骤 404: ΗΑΑΑ将密钥 Κ发送给 MAG。 如图 4所示, 密钥 K可以携带在 EAP认证成 功消息中。 HAAA和 MAG之间的通信可以采用 IPsec等安全机制保证安全。  Step 404: Κ Send the key Κ to the MAG. As shown in Figure 4, the key K can be carried in the EAP authentication success message. The communication between HAAA and MAG can be secured by security mechanisms such as IPsec.
步骤 405: MAG保存密钥 K, 并发送 EAP认证成功消息给 ΜΝ。  Step 405: The MAG saves the key K, and sends an EAP authentication success message to the ΜΝ.
步骤 406: MAG代理 MN发送代理绑定更新消息 PBU, 该 PBU利用信任状即密钥 K进 行保护。 具体的保护方法为 MAG利用密钥 K计算 MN-HA认证扩展或 FA-HA认证扩展。  Step 406: The MAG proxy MN sends a proxy binding update message PBU, and the PBU is protected by the credential, that is, the key K. The specific protection method is that the MAG uses the key K to calculate the MN-HA authentication extension or the FA-HA authentication extension.
步骤 407: LMA向 HAAA请求用于验证 PBU消息的密钥 K。  Step 407: The LMA requests the HAAA to use the key K for verifying the PBU message.
步骤 408: 如果 HAAA没有保存密钥 Κ, 那么 HAAA生成密钥 Κ。 该步骤为可选。 步骤 409: HAAA将密钥 Κ发送给 LMA。 LMA验证绑定更新消息。  Step 408: If HAAA does not save the key Κ, then HAAA generates a key Κ. This step is optional. Step 409: HAAA sends the key Κ to the LMA. The LMA verifies the binding update message.
步骤 410: 验证成功后, LMA发送 PBA消息给 MAG。  Step 410: After the verification succeeds, the LMA sends a PBA message to the MAG.
完成上述步骤后, 后续 MAG每次发送 PBU消息时, 可以利用密钥 K计算 MN-HA认证 扩展或 FA-HA认证扩展。 LMA利用 K验证该 MN-HA或 FA-HA认证扩展。如图 4步骤 411〜 步骤 413所示, 是 MAG利用密钥 K计算 MN-HA认证扩展并进行验证的情况。 采用这种方 法, 可以在 LMA上完成对后续 PBU消息的验证, 避免每次验证 PBU消息都需要 HAAA的 参与, 从而节省网络资源。  After the above steps are completed, each time the subsequent MAG sends a PBU message, the key K can be used to calculate the MN-HA authentication extension or the FA-HA authentication extension. The LMA uses K to verify the MN-HA or FA-HA authentication extension. As shown in steps 411 to 413 of Fig. 4, the MAG calculates the MN-HA authentication extension using the key K and performs verification. In this way, the subsequent PBU message can be verified on the LMA, and the HAAA participation is required to verify the PBU message every time, thereby saving network resources.
当 MN更换为其提供服务的 MAG后, MN可能执行重新认证过程, HAAA获得新的 CK 和 /或 IK, 进而更新 Ks; 或者 MN不执行重新认证过程, HAAA感知到 MAG的更换后, 使 用旧的 CK和 /或 IK, 并根据其他的输入参数 (如 MAG ID等) 推演得到新的 Ks。 HAAA在 新的 Ks的基础上为新的 MAG生成新的密钥 K (即信任状)。 当 HAAA收到新的 MAG发来 的请求密钥 K的消息时, 向 LMA发送新的密钥 K; 若 HAAA上没有保存密钥 K, 则生成新 的 Κ后向 LMA发送新的密钥 K。 LMA需要删除旧的 K, LMA可以在发送 PBA消息后删除 旧的 K, 也可以在收到新的 Κ后立即删除旧的^ 通过以上方法, 旧的 MAG无法利用其保 存的密钥 K, 因此其绑定更新请求将被拒绝。 如图 4步骤 414〜步骤 424所示, 是 ΜΝ更换 为其提供服务的 MAG后, 防止恶意攻击的方法。在图 4所示的流程中, MN更换 MAG后重 新进行接入认证, 且 LMA在发送 PBA消息后删除旧的 K。  After the MN is replaced with the MAG that provides the service, the MN may perform the re-authentication process, the HAAA obtains a new CK and/or IK, and then updates the Ks; or the MN does not perform the re-authentication process, and the HAAA senses the MAG replacement and uses the old CK and / or IK, and derive new Ks based on other input parameters (such as MAG ID, etc.). HAAA generates a new key K (ie, a credential) for the new MAG based on the new Ks. When the HAAA receives the message of the request key K sent by the new MAG, it sends a new key K to the LMA; if the key K is not saved on the HAAA, a new key is generated, and a new key K is sent to the LMA. . The LMA needs to delete the old K. The LMA can delete the old K after sending the PBA message, or delete the old one immediately after receiving the new one. By the above method, the old MAG cannot use the saved key K, so Its binding update request will be rejected. As shown in step 414 to step 424 of FIG. 4, it is a method for preventing malicious attacks after replacing the MAG that serves the service. In the process shown in Figure 4, after the MN replaces the MAG, the access authentication is re-established, and the LMA deletes the old K after sending the PBA message.
为了防止重放攻击, MAG可以在上述步骤 406、 步骤 411、步骤 419的 PBU消息中携带 时间戳。  In order to prevent the replay attack, the MAG may carry a timestamp in the PBU message in the foregoing step 406, step 411, and step 419.
考虑 MAG将其存储的密钥 K泄漏给其他 MAG使用的威胁时, 由于 LMA保存密钥 K, 因此可以通过将 Κ和 MAG ID关联保存在 LMA的方式将 K和 MAG绑定。这样 MAG1将其 存储的密钥 K泄漏给 MAG2使用的情况下, MAG2发送的 PBU消息将因无法找到对应的密 钥 Κ而无法通过验证。 以上实施例描述的都是单重 PMIP隧道下的防止恶意攻击的方法。 即本发明实施例提供 的防止恶意攻击的方法可以包括: 一段 PMIP隧道的起点获得用于保护该段 PMIP隧道的代 理绑定更新消息的信任状; 所述 PMIP隧道的起点向该段 PMIP隧道的终点发送利用所述信 任状进行保护的代理绑定更新消息; 所述 PMIP隧道的起点接收所述 PMIP隧道的终点在验 证所述代理绑定更新消息后返回的代理绑定更新响应。 在实际应用中, 还有可能出现两重 PMIP隧道。本发明的实施例五即描述了两重 PMIP隧道下的防止恶意攻击的方法。如图 5所 示, 包括: Considering that the MAG leaks its stored key K to threats used by other MAGs, since the LMA saves the key K, K and MAG can be bound by storing the Κ and MAG ID associations in the LMA. So MAG1 will If the stored key K is leaked to the MAG2, the PBU message sent by the MAG2 will fail to pass the verification because the corresponding key cannot be found. The above embodiments describe methods for preventing malicious attacks under a single PMIP tunnel. That is, the method for preventing a malicious attack provided by the embodiment of the present invention may include: obtaining, by a starting point of a segment of a PMIP tunnel, a credential for protecting a proxy binding update message of the segment of the PMIP tunnel; starting point of the PMIP tunnel to the PMIP tunnel of the segment The endpoint sends a proxy binding update message protected with the credential; the origin of the PMIP tunnel receives a proxy binding update response returned by the endpoint of the PMIP tunnel after verifying the proxy binding update message. In practical applications, there may be two PMIP tunnels. Embodiment 5 of the present invention describes a method for preventing malicious attacks under two PMIP tunnels. As shown in Figure 5, it includes:
步骤 501: MN和 MAG、 HAAA执行 EAP AKA认证过程进行接入认证。  Step 501: The MN, the MAG, and the HAAA perform an EAP AKA authentication process to perform access authentication.
步骤 502: 完成对 MN的认证后, HAAA和 MN共享密钥 Ks。 Ks是 EAP AKA认证过程 的结果。 如 Ks = CK||IK, 其中, CK和 IK为认证向量中的密钥, 由 HSS发送到 HAAA。 MN 利用 UMTS USIM计算得到 CK和 IK;或者 Ks为 HAAA根据 CK和 /或 IK推演得到的密钥, 如 Ks = KDF (CK||IK, MAG ID, ··· )。 HAAA保存 Ks。  Step 502: After completing the authentication of the MN, the HAAA and the MN share the key Ks. Ks is the result of the EAP AKA certification process. For example, Ks = CK||IK, where CK and IK are the keys in the authentication vector and are sent by the HSS to HAAA. MN uses UMTS USIM to calculate CK and IK; or Ks is the key that HAAA derives from CK and / or IK, such as Ks = KDF (CK||IK, MAG ID, ··· ). HAAA saves Ks.
步骤 503 : HAAA利用 Ks推演得到密钥 K。推演密钥 Κ的参数可以包括 MAG身份 (MAG ID)、 MN身份 (MN ID) 等。  Step 503: HAAA uses Ks to derive the key K. The parameters of the derivation key 可以 may include a MAG identity (MAG ID), a MN identity (MN ID), and the like.
本实施例中, HAAA将得到的密钥 K作为信任状, 该方式是 HAAA生成信任状的一种 方式, 本发明实施例不排除 HAAA还可以通过其它方式生成信任状。  In this embodiment, the HAAA obtains the key K as a credential. The method is a way for the HAAA to generate a credential. The embodiment of the present invention does not exclude that the HAAA can generate a credential by other means.
步骤 504: HAAA将密钥 K发送给 MAG。 如图 5所示, 密钥 K可以携带在 EAP认证成 功消息中。 HAAA和 MAG之间的通信可以采用 IPsec等安全机制保证安全。  Step 504: HAAA sends the key K to the MAG. As shown in Figure 5, the key K can be carried in the EAP authentication success message. The communication between HAAA and MAG can be secured by security mechanisms such as IPsec.
步骤 505: MAG保存密钥 K, 并发送 EAP认证成功消息给 ΜΝ。  Step 505: The MAG saves the key K, and sends an EAP authentication success message to MA.
步骤 506: MAG代理 MN发送代理绑定更新消息 PBU。 该 PBU利用信任状即密钥 K进 行保护。 具体的保护方法为该 PBU中携带利用密钥 K计算得到的 MN-AAA认证扩展。  Step 506: The MAG proxy MN sends a proxy binding update message PBU. The PBU is protected with a credential, key K. The specific protection method is that the PBU carries the MN-AAA authentication extension calculated by using the key K.
步骤 507: LMA请求 HAAA验证 MN-AAA认证扩展, 也就是验证 PBU消息。  Step 507: The LMA requests the HAAA to verify the MN-AAA authentication extension, that is, to verify the PBU message.
步骤 508: HAAA验证该认证扩展。 具体来说, 如果 HAAA保存了密钥 K, 那么直接利 用 Κ验证 MN-AAA认证扩展; 如果 HAAA没有保存 K, 那么 HAAA利用 Ks推演得到 K, 然后验证 MN-AAA认证扩展。 验证成功后, HAAA生成验证密钥 Kp。 Κρ可以基于 Ks或者 K生成。 生成 Kp的参数可以包括 HAAA生成的 nonce (时间随机数), MAG生成的 nonce 等。 此外, HAAA还生成第二信任状 K'。 K'将作为 LMA上使用的信任状。 K'可以基于 Ks 推导, 如 K' =KDF (Ks, LMA ID, MN ID, ··· )。 Step 508: HAAA verifies the authentication extension. Specifically, if the HAAA holds the key K, the MN-AAA authentication extension is directly verified by using Κ; if the HAAA does not save K, then the HAAA derives K using Ks, and then verifies the MN-AAA authentication extension. After the verification is successful, HAAA generates an authentication key Kp. Κρ can be generated based on Ks or K. The parameters for generating Kp may include nonce (time random number) generated by HAAA, nonce generated by MAG, and the like. In addition, HAAA also generates a second credential K'. K' will be used as a credential on the LMA. K' can be derived based on Ks, such as K' = KDF (Ks, LMA ID, MN ID, ···).
步骤 509: 验证成功后, HAAA发送验证成功消息给 LMA。 验证密钥 Kp和第二信任状 K' 也被发送给 LMA。  Step 509: After the verification succeeds, the HAAA sends a verification success message to the LMA. The verification key Kp and the second credential K' are also sent to the LMA.
需要指出的是,验证密钥 Kp和第二信任状 K'可以携带在验证成功消息中发送给 LMA, 也可以在其他消息中发送给 LMA, 且 Kp和 K'可以不在同一条消息中发送。  It should be noted that the verification key Kp and the second credential K' may be carried in the verification success message and sent to the LMA, or may be sent to the LMA in other messages, and Kp and K' may not be sent in the same message.
步骤 510: LMA发送 PBU消息给第二本地移动锚点 LMA'。 此条消息利用 LMA获得的 第二信任状 K' 进行保护。 具体的保护方法为该 PBU中携带利用第二信任状 K' 计算得到的 MN-AAA认证扩展。  Step 510: The LMA sends a PBU message to the second local mobility anchor LMA'. This message is protected by the second credential K' obtained by the LMA. The specific protection method is that the PBU carries the MN-AAA authentication extension calculated by using the second credential K'.
步骤 511 : LMA' 请求 HAAA验证 MN- AAA认证扩展, 也就是验证 PBU消息。  Step 511: The LMA' requests the HAAA to verify the MN-AAA authentication extension, that is, to verify the PBU message.
步骤 512: HAAA验证该认证扩展。 具体来说, HAAA如果保存了第二信任状 K', 那么 直接利用第二信任状 K' 验证 ΜΝ-ΑΑΑ认证扩展; 如果 HAAA没有保存第二信任状 Κ', 那 么 HAAA利用 Ks推演得到 Κ', 然后验证 MN-AAA认证扩展。 验证成功后, HAAA生成第 二验证密钥 Kp'。 Kp' 可以基于 Ks或者 K' 生成。 生成 Kp' 的参数可以包括 HAAA生成的 nonce, LMA生成的 nonce等。  Step 512: HAAA verifies the authentication extension. Specifically, if HAAA saves the second credential K', then the second credential K' is used to verify the ΜΝ-ΑΑΑ authentication extension; if HAAA does not save the second credential Κ', then HAAA uses Ks to derive Κ' , then verify the MN-AAA authentication extension. After the verification is successful, HAAA generates a second verification key Kp'. Kp' can be generated based on Ks or K'. The parameters for generating Kp' may include nonce generated by HAAA, nonce generated by LMA, and the like.
步骤 513 : 验证成功后, HAAA发送验证成功消息给 LMA'。 Kp'也被发送给 LMA'。 需要指出的是, Kp'可以携带在验证成功消息中发送给 LMA', 也可以在其他消息中发送 给 LMA'。  Step 513: After the verification succeeds, the HAAA sends a verification success message to the LMA'. Kp' was also sent to LMA'. It should be noted that Kp' can be carried to the LMA' in the verification success message, or can be sent to the LMA' in other messages.
步骤 514: LMA'回复 PBA消息给 LMA。  Step 514: The LMA' replies to the PBA message to the LMA.
步骤 515: LMA回复 PBA消息给 MAG。  Step 515: The LMA replies to the PBA message to the MAG.
在上述过程中, HAAA将 MAG生成验证密钥 Kp所需要的参数经由 LMA发送给 MAG, 将 LMA生成第二验证密钥 Kp'所需要的参数经由第二本地移动锚点 LMA'发送给 LMA。MAG 采用和 HAAA相同的方法计算得到 Kp, LMA采用和 HAAA相同的方法计算得到 Kp'。这些 步骤并不限定在某个时间点执行。  In the above process, the HAAA sends the parameters required by the MAG to generate the verification key Kp to the MAG via the LMA, and sends the parameters required by the LMA to generate the second verification key Kp' to the LMA via the second local mobility anchor LMA'. The MAG calculates Kp in the same way as HAAA, and the LMA calculates Kp' in the same way as HAAA. These steps are not limited to execution at a certain point in time.
完成上述步骤后,后续 MAG每次发送 PBU消息时,可以利用验证密钥 Kp计算 MN-HA 认证扩展或 FA-HA认证扩展。 LMA利用 Kp验证该 MN-HA认证扩展或 FA-HA认证扩展。 LMA每次发送 PBU消息时, 可以利用第二验证密钥 Kp'计算 MN-HA认证扩展或 FA-HA认 证扩展。 LMA'利用 Kp'验证该 MN-HA认证扩展或 FA-HA认证扩展。 如图 5步骤 516所示, 概括地表示了后续该后续验证过程。 采用这种方法, 可以在 LMA、 LMA'上完成对后续 PBU 消息的验证, 避免每次验证 PBU消息都需要 HAAA的参与, 从而节省网络资源。 验证密钥 Kp、 第二验证密钥 Κρ'可以有生命期, 当生命期到达时, LMA或 LMA'需要删 除该 Κρ或 Κρ'。 这样可以使得 Κρ或 Κρ'不会被无限期的使用。 After the above steps are completed, each time the subsequent MAG sends a PBU message, the MN-HA authentication extension or the FA-HA authentication extension can be calculated by using the verification key Kp. The LMA uses Kp to verify the MN-HA authentication extension or FA-HA authentication extension. Each time the LMA sends a PBU message, the MN-HA authentication extension or the FA-HA authentication extension can be calculated using the second verification key Kp'. LMA' uses Kp' to verify the MN-HA authentication extension or FA-HA authentication extension. As shown in step 516 of FIG. 5, the subsequent verification process is generally indicated. In this way, the subsequent PBU messages can be verified on the LMA and the LMA' to avoid the need for HAAA participation every time the PBU message is verified, thereby saving network resources. The verification key Kp and the second verification key Κρ' may have a lifetime, and when the lifetime reaches, the LMA or LMA' needs to delete the Κρ or Κρ'. This can make Κρ or Κρ' not be used indefinitely.
当 LMA没有相应的 Κρ时, LMA会指示 MAG发送携带 MN-AAA认证扩展的 PBU消 息, 然后 LMA、 HAAA交互对该 PBU消息进行验证。 当 LMA'没有相应的 Kp'时, LMA'会 指示 LMA发送携带 ΜΝ-ΑΑΑ认证扩展的 PBU消息, 然后 LMA'、 HAAA交互对该 PBU消 息进行验证。  When the LMA does not have a corresponding Κρ, the LMA instructs the MAG to send a PBU message carrying the MN-AAA authentication extension, and then the LMA and HAAA interact to verify the PBU message. When the LMA' does not have a corresponding Kp', the LMA' instructs the LMA to send a PBU message carrying the ΜΝ-ΑΑΑ authentication extension, and then the LMA' and HAAA interact to verify the PBU message.
当 MN更换为其提供服务的 MAG后, HAAA更新 Ks。 HAAA在新的 Ks的基础上为新 的 MAG生成新的密钥 K (即信任状)。 当 HAAA验证新的 MAG发来的 PBU消息时, 也生 成新的 Kp。 HAAA将生成的新的 Kp发送给 LMA; 将 MAG生成新的 Kp所需要的参数经由 LMA发送给新的 MAG。 LMA需要删除旧的 Kp, LMA可以在发送 PBA消息后删除旧的 Kp, 也可以在收到新的 Kp后立即删除旧的 Kp。  HAAA updates Ks after the MN changes its MAG to provide services. HAAA generates a new key K (ie, a credential) for the new MAG based on the new Ks. When HAAA verifies the PBU message sent by the new MAG, a new Kp is also generated. HAAA sends the generated new Kp to the LMA; the parameters required by the MAG to generate a new Kp are sent to the new MAG via the LMA. The LMA needs to delete the old Kp. The LMA can delete the old Kp after sending the PBA message, or delete the old Kp immediately after receiving the new Kp.
当 ΜΝ更换为其提供服务的 MAG时,若 LMA没有更换,则 LMA和 LMA'之间的 PBU 消息可以继续使用原来的 Kp' 进行保护, 也可以重新执行如步骤 510〜步骤 514的步骤以使 得 LMA和 LMA' 可以基于新的密钥 Ks推演得到新的 Κρ' ; 若 LMA也发生更换, 则执行如 步骤 510〜步骤 514的步骤得到新的 Kp'。  When replacing the MAG that serves it, if the LMA is not replaced, the PBU message between the LMA and the LMA' may continue to be protected using the original Kp', or the steps as in steps 510 to 514 may be re-executed to make The LMA and LMA' can derive a new Κρ' based on the new key Ks; if the LMA is also replaced, the steps of steps 510 to 514 are performed to obtain a new Kp'.
通过以上方法, 旧的 MAG或 LMA无法利用其保存的信任状 K或第二信任状 Κ',因此其 绑定更新请求将被拒绝。如图 5步骤 517〜步骤 523所示, 是 ΜΝ更换为其提供服务的 MAG 后, 防止恶意攻击的方法。在图 5所示的流程中, MN更换 MAG后重新进行接入认证, LMA 没有更换, 且 LMA在发送 PBA消息后删除旧的 Kp。  Through the above method, the old MAG or LMA cannot use its saved credential K or second credential Κ', so its binding update request will be rejected. As shown in step 5 of Figure 5 to step 523, it is a method to prevent malicious attacks after replacing the MAG that serves it. In the process shown in Figure 5, after the MN replaces the MAG, the access authentication is performed again, the LMA is not replaced, and the LMA deletes the old Kp after sending the PBA message.
为了防止重放攻击, MAG或 LMA可以在上述步骤 506、 步骤 510、 步骤 518的 PBU消 息中携带时间戳。  In order to prevent the replay attack, the MAG or the LMA may carry the timestamp in the PBU message of the foregoing step 506, step 510, and step 518.
上述实施例五描述了两重 PMIP隧道下防止恶意攻击的方法, 在多重 PMIP隧道的情况 下, 可以采用类似的方式处理。 即: HAAA验证了一段 PMIP隧道的起点 A发送的 PBU消息 后, 发送自己拥有的信任状给这段 PMIP隧道的终点 B。 这段 PMIP隧道的终点 B为下一段 PMIP隧道的起点, B利用自己拥有的信任状保护 PBU消息。 HAAA每次验证 PBU消息后, 发送下一段 PMIP隧道起点使用的信任状给下一段 PMIP隧道的起点。 通过这种方式, 只有 当前为 MN提供服务的节点能够获得相关的信任状, 从而防止了当前不为 MN提供服务的节 点发送非法的 PBU消息。  The fifth embodiment described above describes a method for preventing malicious attacks under two PMIP tunnels. In the case of multiple PMIP tunnels, it can be handled in a similar manner. That is: HAAA verifies the PBU message sent by the start point A of a PMIP tunnel, and then sends its own trust to the destination B of the PMIP tunnel. The end point B of this PMIP tunnel is the starting point of the next PMIP tunnel, and B protects the PBU message with the credentials it owns. After each time the HAAA verifies the PBU message, the HAAA sends the credential used by the starting point of the next PMIP tunnel to the starting point of the next PMIP tunnel. In this way, only the node currently serving the MN can obtain the associated credentials, thereby preventing the node that is currently not serving the MN from sending an illegal PBU message.
此夕卜, 家乡 AAA服务器可以将任意一段 PMIP隧道的信任状与该段 PMIP隧道的起点的 身份关联保存。 若某段 PMIP隧道的终点保存有该段 PMIP隧道的验证密钥或信任状, 则该 段 PMIP隧道的终点可以将该验证密钥或信任状与该段 PMIP隧道的起点的身份关联保存。 实施例五是基于实施例三为例说明了多重 PMIP隧道下防止恶意攻击的方法。 实施例二 和实施例四也可以采用类似的方式进行扩展以保护多重 PMIP隧道下的 PBU消息。 Furthermore, the home AAA server can associate the credentials of any segment of the PMIP tunnel with the identity of the starting point of the segment of the PMIP tunnel. If the end point of a PMIP tunnel holds the verification key or credential of the PMIP tunnel, then the The endpoint of the segment PMIP tunnel may be associated with the identity of the authentication key or credential with the origin of the segment of the PMIP tunnel. The fifth embodiment is based on the third embodiment to illustrate a method for preventing malicious attacks under multiple PMIP tunnels. Embodiment 2 and Embodiment 4 may also be extended in a similar manner to protect PBU messages under multiple PMIP tunnels.
此外实施例二、 实施例三和实施例四的保护方式可以分别应用在多重 PMIP隧道的任何 一段隧道上。 举例而言, 在两重 PMIP隧道的情况下, 第一重 PMIP隧道的保护可以使用实 施例三的方法进行保护, 第二重 PMIP隧道的保护可以使用实施例二的方式进行保护。 除上述实施例所体现的情况外, 以下介绍一些其他可能的情况:  Furthermore, the protection modes of the second embodiment, the third embodiment and the fourth embodiment can be applied to any one of the multiple PMIP tunnels. For example, in the case of a dual PMIP tunnel, the protection of the first heavy PMIP tunnel can be protected by the method of the third embodiment, and the protection of the second heavy PMIP tunnel can be protected by the method of the second embodiment. In addition to the examples embodied in the above embodiments, some other possible scenarios are described below:
1 ) MAG除了从 HAAA处获得信任状外, 还可能从 MN获得信任状。例如在接入认证成 功后, MN利用与 HAAA共享的 Ks生成信任状并发送给 MAG。 HAAA生成相同的信任状来 验证 MAG发送的 PBU消息。  1) In addition to obtaining a credential from HAAA, the MAG may also obtain a credential from the MN. For example, after the access authentication succeeds, the MN generates a credential by using the Ks shared with the HAAA and sends the credential to the MAG. HAAA generates the same credential to verify the PBU message sent by the MAG.
2)在单重 PMIP隧道的情况下, 一种简单的信任状是当前为 MN提供服务的 MAG的身 份, 即 MAG ID。 这种方式下, HAAA不需要生成密钥 K作为 MAG使用的信任状。 HAAA 可以记录下当前为 MN提供服务的 MAG ID, LMA接收到 MAG发来的 PBU消息时,和 HAAA 交互以验证发送 PBU消息的 MAG是否为当前为 MN提供服务的 MAG。 如果是, 则信任状 验证通过; 如果不是, 则拒绝进行绑定更新。  2) In the case of a single PMIP tunnel, a simple credential is the identity of the MAG currently serving the MN, ie the MAG ID. In this way, HAAA does not need to generate the key K as the credential used by the MAG. The HAAA can record the MAG ID that is currently serving the MN. When receiving the PBU message sent by the MAG, the LMA interacts with the HAAA to verify whether the MAG that sends the PBU message is the MAG that currently serves the MN. If yes, the credentials are verified; if not, the binding update is rejected.
3 ) HAAA发送密钥 K给 MAG的过程可以采用前面实施例中提到的 HAAA主动下发的 方式, 也可以采用其他的方式。 例如 HAAA记录下当前为 MN提供服务的 MAG的身份, MAG可以发送请求给 HAAA要求获得密钥 K, HAAA检查 MAG是否合法后将密钥 K发给 MAG。 在多重 PMIP隧道的情况下, 其他 LMA获得 K', 甚至 LMA' 获得 K' ' 的方式也可 以采用这种方法。  3) The process in which the HAAA sends the key K to the MAG may be initiated by the HAAA mentioned in the foregoing embodiment, or may be other methods. For example, the HAAA records the identity of the MAG that is currently serving the MN. The MAG can send a request to the HAAA to obtain the key K. The HAAA checks whether the MAG is valid and sends the key K to the MAG. In the case of multiple PMIP tunnels, other LMAs can obtain K', and even LMA's can get K'' in this way.
4) 除了执行 EAP AKA认证过程进行接入认证外, 还可以采用 EAP/SIM认证过程等方 式进行接入认证。 本发明的实施例六提供一种防止恶意攻击的系统, 如图 6所示:  4) In addition to performing the EAP AKA authentication process for access authentication, the EAP/SIM authentication process can also be used for access authentication. Embodiment 6 of the present invention provides a system for preventing malicious attacks, as shown in FIG.
该系统包括 PMIP隧道的起点 601和 PMIP隧道的终点 602;  The system includes a starting point 601 of the PMIP tunnel and an ending point 602 of the PMIP tunnel;
该 PMIP隧道的起点 601获得用于保护该段 PMIP隧道的 PBU消息的信任状,并向 PMIP 隧道的终点 602发送利用该信任状进行保护的 PBU消息;  The start point 601 of the PMIP tunnel obtains a credential for protecting the PBU message of the PMIP tunnel, and sends a PBU message protected by the credential to the end point 602 of the PMIP tunnel;
该 PMIP隧道的终点 602验证该 PBU消息。  The end point 602 of the PMIP tunnel verifies the PBU message.
该系统还可以包括一个家乡 AAA服务器 603, PMIP隧道的终点 602可以通过与该家乡 AAA服务器 603进行交互来验证 PBU消息。 The system may also include a home AAA server 603, the end point 602 of the PMIP tunnel may pass through the hometown The AAA server 603 interacts to verify the PBU message.
PMIP隧道的起点 601可以从家乡 AAA服务器 603处获得信任状, 此时信任状由该家乡 AAA服务器 603生成并发送给 PMIP隧道的起点 601 ; PMIP隧道的起点 601也可以从移动节 点处获得信任状,此时信任状由该移动节点生成并发送给 PMIP隧道的起点 601 ;在单重 PMIP 隧道的情况下, PMIP隧道的起点 601也可以以自己的身份作为信任状。  The origin 601 of the PMIP tunnel can obtain a credential from the home AAA server 603, at which point the credential is generated by the home AAA server 603 and sent to the origin 601 of the PMIP tunnel; the origin 601 of the PMIP tunnel can also obtain a credential from the mobile node. At this time, the credential is generated by the mobile node and sent to the starting point 601 of the PMIP tunnel; in the case of a single PMIP tunnel, the starting point 601 of the PMIP tunnel can also be used as its own identity.
当 PMIP隧道的起点 601从家乡 AAA服务器 603处获得信任状时, 该家乡 AAA服务器 603可以主动发送该信任状给 PMIP隧道的起点 601, 也可以根据 PMIP隧道的起点 601的请 求发送该信任状。  When the starting point 601 of the PMIP tunnel obtains the credential from the home AAA server 603, the home AAA server 603 can actively send the credential to the starting point 601 of the PMIP tunnel, or can send the credential according to the request of the starting point 601 of the PMIP tunnel.
该 PBU消息中可以携带时间戳。  The PBU message can carry a timestamp.
利用信任状对 PBU消息进行保护具体可以是: 利用该信任状计算 MN-AAA认证扩展, 并在该 PBU消息中携带该认证扩展。这种情况下, PMIP隧道的终点 602可以请求家乡 AAA 服务器 603验证该 MN-AAA认证扩展;该家乡 AAA服务器 603利用该信任状对该 MN-AAA 认证扩展进行验证; 验证成功后, 该家乡 AAA服务器 603发送验证成功消息。 该家乡 AAA 服务器 603还可以将该信任状与 PMIP隧道的起点 601的身份关联保存。 此外, 该家乡 AAA 服务器 603还可以生成验证密钥;将该验证密钥发送给 PMIP隧道的终点 602, 并将生成该验 证密钥需要的参数发送给 PMIP隧道的起点 601。该 PMIP隧道的终点 602可以将该验证密钥 与 PMIP隧道的起点 601的身份关联保存。  The protection of the PBU message by using the credential may be: calculating the MN-AAA authentication extension by using the credential, and carrying the authentication extension in the PBU message. In this case, the destination 602 of the PMIP tunnel may request the home AAA server 603 to verify the MN-AAA authentication extension; the home AAA server 603 uses the credentials to verify the MN-AAA authentication extension; after successful authentication, the home AAA The server 603 sends a verification success message. The home AAA server 603 can also associate the credential with the identity of the origin 601 of the PMIP tunnel. In addition, the home AAA server 603 can also generate an authentication key; the verification key is sent to the end point 602 of the PMIP tunnel, and the parameters required to generate the authentication key are sent to the starting point 601 of the PMIP tunnel. The destination 602 of the PMIP tunnel can be associated with the identity of the originating key 601 of the PMIP tunnel.
利用信任状对 PBU 消息进行保护具体可以是: 利用信任状计算 MN-HA 认证扩展或 FA-HA认证扩展, 并在该 PBU消息中携带该认证扩展。 这种情况下, 该 PMIP隧道的终点 602可以向家乡 AAA服务器 603请求用于验证该 PBU消息的信任状; 该家乡 AAA服务器 603将该信任状发送给该 PMIP隧道的终点 602; 该 PMIP隧道的终点 602利用该信任状验证 该 PBU消息。 如果该家乡 AAA服务器 603没有保存该信任状, 则该家乡 AAA服务器 603 将该信任状发送给 PMIP隧道的终点 602之前, 生成该信任状。 该 PMIP隧道的终点 602可 以将该信任状与该 PMIP隧道的起点 601的身份关联保存。  The protection of the PBU message by using the credential may be: calculating the MN-HA authentication extension or the FA-HA authentication extension by using the credential, and carrying the authentication extension in the PBU message. In this case, the destination 602 of the PMIP tunnel may request the home AAA server 603 for a credential for verifying the PBU message; the home AAA server 603 sends the credential to the end point 602 of the PMIP tunnel; Endpoint 602 verifies the PBU message with the credentials. If the home AAA server 603 does not save the credential, the home AAA server 603 generates the credential before sending the credential to the end point 602 of the PMIP tunnel. The destination 602 of the PMIP tunnel can be associated with the identity of the origin 601 of the PMIP tunnel.
本实施例提供的上述系统通过让移动接入网关获得一个信任状, 利用该信任状对绑定更 新消息进行保护, 并验证该绑定更新消息使得只有当前为移动节点提供服务的移动接入网关 才能代理移动节点发送绑定更新消息, 从而避免恶意 MAG攻击所带来的问题。 本发明的实施例七提供一种 PMIP隧道的起点装置, 如图 7所示:  The above system provided by the embodiment provides the mobile access gateway with a credential, protects the binding update message by using the credential, and verifies the binding update message so that only the mobile access gateway currently serving the mobile node is served. In order to proxy the mobile node to send a binding update message, to avoid the problems caused by malicious MAG attacks. Embodiment 7 of the present invention provides a starting point device for a PMIP tunnel, as shown in FIG. 7:
该装置包括信任状获取单元 701和消息发送单元 702; 该信任状获取单元 701用于获取保护 PMIP隧道的绑定更新消息的信任状, 并将所述信 任状提供给消息发送单元 702; The device includes a credential obtaining unit 701 and a message sending unit 702; The credential obtaining unit 701 is configured to obtain a credential of the binding update message that protects the PMIP tunnel, and provide the credential to the message sending unit 702;
该消息发送单元 702用于向 PMIP隧道的终点发送利用该信任状进行保护的绑定更新消 息。  The message sending unit 702 is configured to send a binding update message protected by the credential to the end point of the PMIP tunnel.
本实施例提供的上述装置通过获取信任状, 并利用该信任状对绑定更新消息进行保护, 使得接收装置可以对该消息进行验证, 保证只有当前为移动节点提供服务的移动接入网关才 能代理移动节点发送绑定更新消息, 从而避免恶意 MAG攻击所带来的问题。 本发明的实施例八提供一种 PMIP隧道的终点装置, 如图 8所示:  The foregoing apparatus provided in this embodiment obtains a credential and protects the binding update message by using the credential, so that the receiving apparatus can verify the message to ensure that only the mobile access gateway currently serving the mobile node can proxy. The mobile node sends a binding update message to avoid the problem caused by malicious MAG attacks. Embodiment 8 of the present invention provides a terminal device for a PMIP tunnel, as shown in FIG.
该装置包括消息接收单元 801和验证单元 802;  The device includes a message receiving unit 801 and a verification unit 802;
该消息接收单元 801用于接收 PMIP隧道的起点发送的利用信任状进行保护的绑定更新 消息;  The message receiving unit 801 is configured to receive a binding update message that is protected by a credential sent by a starting point of the PMIP tunnel;
该验证单元 802用于验证该绑定更新消息。  The verification unit 802 is configured to verify the binding update message.
本实施例提供的上述装置通过接收利用信任状保护的绑定更新消息, 并验证该消息, 使 得只有当前为移动节点提供服务的移动接入网关才能代理移动节点发送绑定更新消息, 从而 避免恶意 MAG攻击所带来的问题。 本发明的实施例九提供一种家乡 AAA服务器, 如图 9所示:  The foregoing apparatus provided in this embodiment receives the binding update message by using the credential protection, and verifies the message, so that only the mobile access gateway currently serving the mobile node can proxy the mobile node to send the binding update message, thereby avoiding malicious The problem caused by the MAG attack. Embodiment 9 of the present invention provides a home AAA server, as shown in FIG.
该家乡 AAA服务器包括消息接收单元 901、 验证单元 902和消息发送单元 903 ;  The home AAA server includes a message receiving unit 901, a verification unit 902, and a message sending unit 903;
该消息接收单元 901用于接收 PMIP隧道的终点发送的要求验证 MN-AAA认证扩展的请 求消息;  The message receiving unit 901 is configured to receive a request message for requesting verification of the MN-AAA authentication extension sent by the end point of the PMIP tunnel;
该验证单元 902用于验证该 MN-AAA认证扩展;  The verification unit 902 is configured to verify the MN-AAA authentication extension;
该消息发送单元 903用于在验证成功后, 发送验证成功消息。  The message sending unit 903 is configured to send a verification success message after the verification is successful.
本实施例提供的上述家乡 AAA服务器, 可以对 PMIP隧道的终点发来的 MN-AAA认证 扩展进行验证, 使得该 PMIP隧道的终点可以完成对 PBU消息的验证, 保证只有当前为移动 节点提供服务的移动接入网关才能代理移动节点发送绑定更新消息, 从而避免恶意 MAG攻 击所带来的问题。 本发明的实施例十提供又一种家乡 AAA服务器, 如图 10所示:  The above-mentioned home AAA server provided in this embodiment can verify the MN-AAA authentication extension sent by the end point of the PMIP tunnel, so that the end point of the PMIP tunnel can complete the verification of the PBU message, and ensure that only the current mobile node is served. The mobile access gateway can proxy the mobile node to send a binding update message, thereby avoiding the problems caused by malicious MAG attacks. Embodiment 10 of the present invention provides another home AAA server, as shown in FIG.
该家乡 AAA服务器包括消息接收单元 1001和消息发送单元 1002; 该消息接收单元 1001用于接收 PMIP隧道的终点发送的要求获得信任状的请求消息, 并 触发消息发送单元 1002; The home AAA server includes a message receiving unit 1001 and a message sending unit 1002; The message receiving unit 1001 is configured to receive a request message for obtaining a credential sent by an end point of the PMIP tunnel, and trigger the message sending unit 1002;
该消息发送单元 1002用于将验证绑定更新消息所需的信任状发送给该 PMIP 隧道的终 点。  The message sending unit 1002 is configured to send a credential required to verify the binding update message to the end point of the PMIP tunnel.
本实施例提供的上述家乡 AAA服务器, 可以提供信任状给 PMIP隧道的终点, 使得该 The above-mentioned home AAA server provided in this embodiment can provide a credential to the end point of the PMIP tunnel, so that the
PMIP隧道的终点可以完成对 PBU消息的验证, 保证只有当前为移动节点提供服务的移动接 入网关才能代理移动节点发送绑定更新消息, 从而避免恶意 MAG攻击所带来的问题。 通过以上的实施方式的描述, 本领域的技术人员可以清楚地了解到本发明可借助软件加 必需的通用硬件平台的方式来实现, 当然也可以通过硬件, 但很多情况下前者是更佳的实施 方式。 基于这样的理解, 本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以 软件产品的形式体现出来。 该计算机软件产品可以存储在一个存储介质中, 包括若干指令用 以使得一台网络设备执行本发明各个实施例所述的方法。 The end point of the PMIP tunnel can complete the verification of the PBU message, ensuring that only the mobile access gateway currently serving the mobile node can proxy the mobile node to send a binding update message, thereby avoiding the problem caused by the malicious MAG attack. Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented by means of software plus a necessary general hardware platform, and of course, can also be through hardware, but in many cases, the former is a better implementation. the way. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, can be embodied in the form of a software product. The computer software product can be stored in a storage medium and includes instructions for causing a network device to perform the methods described in various embodiments of the present invention.
以上公开的仅为本发明的几个具体实施例, 但是, 本发明并非局限于此, 任何本领域的 技术人员能思之的变化都应落入本发明的保护范围。  The above disclosure is only a few specific embodiments of the present invention, but the present invention is not limited thereto, and any changes that can be made by those skilled in the art should fall within the protection scope of the present invention.

Claims

权 利 要 求 书 Claim
1、 一种防止恶意攻击的方法, 其特征在于, 包括: A method for preventing a malicious attack, which is characterized by comprising:
获取用于保护代理绑定更新消息的信任状;  Obtain a credential for protecting the proxy binding update message;
向本地移动锚点发送利用所述信任状进行保护的代理绑定更新消息;  Transmitting, to the local mobility anchor, a proxy binding update message protected by the credential;
接收所述本地移动锚点验证所述代理绑定更新消息后返回的代理绑定更新响应。  Receiving a proxy binding update response returned by the local mobility anchor after verifying the proxy binding update message.
2、 如权利要求 1所述的方法, 其特征在于, 获取用于保护代理绑定更新消息的信任状具 体通过以下方法之一实现:  2. The method of claim 1, wherein obtaining the credential for protecting the proxy binding update message is implemented by one of the following methods:
接收家乡 AAA服务器生成的信任状; 或者  Receive a credential generated by the home AAA server; or
接收移动节点发送的信任状, 该信任状由所述移动节点生成; 或者  Receiving a credential sent by the mobile node, the credential being generated by the mobile node; or
以自己的身份作为保护代理绑定更新消息的信任状。  Use your own identity as a credential for the protection agent binding update message.
3、 如权利要求 2所述的方法, 其特征在于, 接收家乡 AAA服务器生成的信任状, 具体 通过以下方法之一实现:  3. The method according to claim 2, wherein receiving the credential generated by the home AAA server is implemented by one of the following methods:
接收家乡 AAA服务器主动发送的所述信任状; 或者  Receiving the credential sent by the home AAA server; or
向家乡 AAA服务器发送请求后, 接收所述家乡 AAA服务器发送的所述信任状。  After sending a request to the home AAA server, the trust is sent by the home AAA server.
4、如权利要求 3所述的方法, 其特征在于, 所述家乡 AAA服务器主动发送所述信任状, 是网络侧与移动节点进行接入认证过程中的一个具体步骤。  The method according to claim 3, wherein the home AAA server actively sends the credential, which is a specific step in the process of performing access authentication by the network side and the mobile node.
5、 如权利要求 1所述的方法, 其特征在于, 所述信任状利用家乡 AAA服务器与移动节 点的共享密钥推演得到。  The method according to claim 1, wherein the credential is derived by using a shared key of the home AAA server and the mobile node.
6、 如权利要求 5所述的方法, 其特征在于, 所述推演信任状的参数还包括发送所述代理 绑定更新消息的设备的身份和 /或移动节点的身份。  The method according to claim 5, wherein the parameter of the derivation credential further comprises an identity of a device that sends the proxy binding update message and/or an identity of the mobile node.
7、 如权利要求 5所述的方法, 其特征在于, 推演所述家乡 AAA服务器与移动节点的共 享密钥的参数包括发送所述代理绑定更新消息的设备的身份。  7. The method of claim 5, wherein the parameter of deriving the shared key of the home AAA server and the mobile node comprises an identity of a device that sends the proxy binding update message.
8、 如权利要求 1所述的方法, 其特征在于, 所述代理绑定更新消息中携带时间戳。 The method according to claim 1, wherein the proxy binding update message carries a timestamp.
9、 如权利要求 1所述的方法, 其特征在于, 向本地移动锚点发送利用所述信任状进行保 护的代理绑定更新消息是指:利用所述信任状计算 MN-AAA认证扩展, 并在所述代理绑定更 新消息中携带该认证扩展。 The method according to claim 1, wherein the sending, by the local mobility anchor, the proxy binding update message protected by the credential means: calculating the MN-AAA authentication extension by using the credential, and The authentication extension is carried in the proxy binding update message.
10、 如权利要求 9所述的方法, 其特征在于, 还包括所述本地移动锚点验证所述代理绑 定更新消息的步骤, 该步骤具体包括:  The method of claim 9, further comprising the step of the local mobility anchor verifying the proxy binding update message, the step specifically comprising:
所述本地移动锚点请求家乡 AAA服务器验证所述 MN-AAA认证扩展; 所述家乡 AAA服务器验证所述 MN-AAA认证扩展; The local mobility anchor requests the home AAA server to verify the MN-AAA authentication extension; The home AAA server verifies the MN-AAA authentication extension;
验证成功后, 所述家乡 AAA服务器发送验证成功消息。  After the verification is successful, the home AAA server sends a verification success message.
11、 如权利要求 10所述的方法, 其特征在于, 所述家乡 AAA服务器验证所述 MN- AAA 认证扩展具体为:  The method according to claim 10, wherein the home AAA server verifies that the MN-AAA authentication extension is specifically:
当所述家乡 AAA服务器保存了所述信任状时, 利用所述信任状验证所述 MN-AAA认证 扩展; 或者  When the home AAA server saves the credential, verifying the MN-AAA authentication extension by using the credential; or
当所述家乡 AAA服务器没有保存所述信任状时, 利用所述家乡 AAA服务器与移动节点 的共享密钥推演信任状, 并利用该信任状验证 MN-AAA认证扩展。  When the home AAA server does not save the credential, the trust key is derived by using the shared key of the home AAA server and the mobile node, and the MN-AAA authentication extension is verified by using the credential.
12、 如权利要求 11所述的方法, 其特征在于, 当所述家乡 AAA服务器保存了所述信任 状时, 所述家乡 AAA服务器还将所述信任状与发送所述代理绑定更新消息的设备的身份关 联保存。  12. The method according to claim 11, wherein when the home AAA server saves the credential, the home AAA server further binds the credential with the proxy binding update message. The identity association of the device is saved.
13、 如权利要求 10所述的方法, 其特征在于, 所述方法还包括:  The method of claim 10, wherein the method further comprises:
所述家乡 AAA服务器生成验证密钥;  The home AAA server generates a verification key;
所述家乡 AAA服务器将所述验证密钥发送给所述本地移动锚点;  The home AAA server sends the verification key to the local mobility anchor point;
所述家乡 AAA服务器向发送所述代理绑定更新消息的设备发送生成所述验证密钥需要 的参数。  The home AAA server sends a parameter required to generate the verification key to a device that sends the proxy binding update message.
14、 如权利要求 13 所述的方法, 其特征在于, 推演所述验证密钥的参数包括所述家乡 AAA服务器与移动节点的共享密钥, 或所述信任状。  14. The method according to claim 13, wherein the parameter for deriving the verification key comprises a shared key of the home AAA server and the mobile node, or the credential.
15、 如权利要求 14所述的方法, 其特征在于, 推演所述验证密钥的参数还包括所述家乡 AAA服务器生成的时间随机数和 /或发送所述代理绑定更新消息的设备生成的时间随机数。  The method according to claim 14, wherein the parameter for deriving the verification key further comprises a time random number generated by the home AAA server and/or a device generated by the device that sends the proxy binding update message. Time random number.
16、 如权利要求 13所述的方法, 其特征在于, 所述家乡 AAA服务器将所述验证密钥发 送给所述本地移动锚点具体为: 所述家乡 AAA服务器将所述验证密钥携带在验证成功消息 中发送给所述本地移动锚点。  The method according to claim 13, wherein the home AAA server sends the verification key to the local mobility anchor, where the home AAA server carries the verification key in The verification success message is sent to the local mobility anchor.
17、 如权利要求 13所述的方法, 其特征在于, 所述本地移动锚点将所述验证密钥与发送 所述代理绑定更新消息的设备的身份关联保存。  17. The method of claim 13, wherein the local mobility anchor associates the verification key with an identity of a device that sends the proxy binding update message.
18、 如权利要求 13所述的方法, 其特征在于, 所述验证密钥被设置了生命期, 当生命期 到达时, 所述本地移动锚点删除该验证密钥。  18. The method according to claim 13, wherein the verification key is set to a lifetime, and when the lifetime reaches, the local mobility anchor deletes the verification key.
19、 如权利要求 1所述的方法, 其特征在于, 向本地移动锚点发送利用所述信任状进行 保护的代理绑定更新消息是指: 利用所述信任状计算 MN-HA认证扩展或 FA-HA认证扩展, 并在所述代理绑定更新消息中携带该认证扩展。 The method according to claim 1, wherein the sending a proxy binding update message protected by the credential to the local mobility anchor means: calculating the MN-HA authentication extension or the FA by using the credential - HA authentication extension, and carrying the authentication extension in the proxy binding update message.
20、 如权利要求 19所述的方法, 其特征在于, 所述本地移动锚点验证所述代理绑定更新 消息包括: The method according to claim 19, wherein the verifying, by the local mobility anchor, the proxy binding update message comprises:
所述本地移动锚点向家乡 AAA服务器请求用于验证所述代理绑定更新消息的信任状; 所述家乡 AAA服务器将所述信任状发送给所述本地移动锚点;  The local mobility anchor requests a credential for verifying the proxy binding update message to a home AAA server; the home AAA server sends the credential to the local mobility anchor;
所述本地移动锚点利用所述信任状验证所述代理绑定更新消息。  The local mobility anchor verifies the proxy binding update message with the credential.
21、 如权利要求 20所述的方法, 其特征在于, 若所述家乡 AAA服务器没有保存所述信 任状, 则所述家乡 AAA服务器将所述信任状发送给所述本地移动锚点之前, 生成所述信任 状。  The method according to claim 20, wherein if the home AAA server does not save the credential, the home AAA server generates the credential before sending the credential to the local mobility anchor. The credential.
22、 如权利要求 20所述的方法, 其特征在于, 所述本地移动锚点将所述信任状与发送所 述代理绑定更新消息的设备的身份关联保存。  22. The method of claim 20, wherein the local mobility anchor associates the credential with an identity of a device that sends the proxy binding update message.
23、 如权利要求 10所述的方法, 其特征在于, 当再次向所述本地移动锚点发送代理绑定 更新消息时, 包括:  The method according to claim 10, wherein when the proxy binding update message is sent to the local mobility anchor again, the method includes:
利用所述信任状再次计算 MN-AAA认证扩展,并在所述再次发送的代理绑定更新消息中 携带该认证扩展;  Recalculating the MN-AAA authentication extension by using the credential, and carrying the authentication extension in the re-transmitted proxy binding update message;
所述本地移动锚点请求所述家乡 AAA服务器验证该再次计算的 MN-AAA认证扩展; 所述家乡 AAA服务器验证所述再次计算的 MN-AAA认证扩展;  The local mobility anchor requests the home AAA server to verify the recalculated MN-AAA authentication extension; the home AAA server verifies the recalculated MN-AAA authentication extension;
验证成功后, 所述家乡 AAA服务器发送验证成功消息。  After the verification is successful, the home AAA server sends a verification success message.
24、 如权利要求 13所述的方法, 其特征在于, 再次向所述本地移动锚点发送代理绑定更 新消息时, 包括:  The method of claim 13, wherein when the proxy binding update message is sent to the local mobility anchor again, the method includes:
利用收到的所述参数生成验证密钥;  Generating a verification key using the received parameters;
利用所述验证密钥计算 MN-HA认证扩展或 FA-HA认证扩展, 并在所述再次发送的代理 绑定更新消息中携带该认证扩展;  Calculating the MN-HA authentication extension or the FA-HA authentication extension by using the verification key, and carrying the authentication extension in the re-transmitted proxy binding update message;
若所述本地移动锚点保存了验证密钥, 则利用该验证密钥验证所述 MN-HA认证扩展或 FA-HA认证扩展; 若所述本地移动锚点没有保存验证密钥, 则指示发送所述代理绑定更新消 息的设备发送携带 MN-AAA认证扩展的代理绑定更新消息。  If the local mobility anchor saves the verification key, the MN-HA authentication extension or the FA-HA authentication extension is verified by using the verification key; if the local mobility anchor does not save the verification key, the indication is sent The device with the proxy binding update message sends a proxy binding update message carrying the MN-AAA authentication extension.
25、 如权利要求 20所述的方法, 其特征在于, 再次向所述本地移动锚点发送代理绑定更 新消息时, 包括:  The method of claim 20, wherein when the proxy binding update message is sent to the local mobility anchor again, the method includes:
利用所述信任状计算 MN-HA认证扩展或 FA-HA认证扩展, 并在所述再次发送的代理绑 定更新消息中携带该认证扩展;  Calculating the MN-HA authentication extension or the FA-HA authentication extension by using the credential, and carrying the authentication extension in the re-transmitted proxy binding update message;
所述本地移动锚点利用自身保存的信任状验证所述代理绑定更新消息。 The local mobility anchor verifies the proxy binding update message with its own saved credentials.
26、 如权利要求 1所述的方法, 其特征在于, 发送所述代理绑定更新消息的设备为移动 接入网关, 移动节点更换为其服务的移动接入网关后, 还包括: The method of claim 1, wherein the device that sends the proxy binding update message is a mobile access gateway, and after the mobile node replaces the mobile access gateway served by the mobile node, the method further includes:
家乡 AAA服务器生成新的信任状;  The home AAA server generates a new credential;
所述家乡 AAA服务器将所述新的信任状发送给所述更换后的移动接入网关。  The home AAA server sends the new credential to the replaced mobile access gateway.
27、 如权利要求 26所述的方法, 其特征在于, 所述家乡 AAA服务器生成新的信任状之 前, 还包括:  The method according to claim 26, wherein before the home AAA server generates a new credential, the method further includes:
网络侧与所述移动节点进行接入认证, 更新所述家乡 AAA服务器与所述移动节点的共 享密钥; 或者  The network side performs access authentication with the mobile node, and updates a shared key of the home AAA server and the mobile node; or
网络侧与所述移动节点不进行接入认证, 当所述家乡 AAA服务器感知到移动接入网关 的更换时, 推演新的所述家乡 AAA服务器与所述移动节点的共享密钥。  The network side and the mobile node do not perform access authentication. When the home AAA server senses the replacement of the mobile access gateway, the new shared key of the home AAA server and the mobile node is derived.
28、如权利要求 26所述的方法, 其特征在于, 所述家乡 AAA服务器生成新的信任状后, 还包括:  The method according to claim 26, wherein after the home AAA server generates a new credential, the method further includes:
所述家乡 AAA服务器生成新的验证密钥, 并发送给所述本地移动锚点; 所述家乡 AAA 服务器还将生成新的验证密钥所需要的参数发送给更换后的移动接入网关; 或者  The home AAA server generates a new verification key and sends the verification key to the local mobility anchor; the home AAA server also sends the parameters required for generating a new verification key to the replaced mobile access gateway; or
所述家乡 AAA服务器将所述新的信任状发送给所述本地移动锚点。  The home AAA server sends the new credential to the local mobility anchor.
29、 如权利要求 28所述的方法, 其特征在于, 还包括:  29. The method of claim 28, further comprising:
当所述本地移动锚点收到新的验证密钥后, 删除原验证密钥; 或者  After the local mobile anchor receives the new verification key, delete the original verification key; or
当所述本地移动锚点收到新的信任状后, 删除原信任状。  After the local mobility anchor receives the new credential, the original credential is deleted.
30、 如权利要求 2所述的方法, 其特征在于, 发送所述代理绑定更新消息的设备为移动 接入网关, 当所述移动接入网关以自己的身份作为保护代理绑定更新消息的信任状时, 所述 本地移动锚点验证所述代理绑定更新消息, 具体包括:  30. The method according to claim 2, wherein the device that sends the proxy binding update message is a mobile access gateway, and when the mobile access gateway uses its own identity as a protection proxy binding update message When the credential is verified, the local mobility anchor verifies the proxy binding update message, which specifically includes:
家乡 AAA服务器记录当前为移动节点提供服务的移动接入网关;  The home AAA server records the mobile access gateway currently serving the mobile node;
本地移动锚点和所述家乡 AAA服务器进行交互, 通过验证发来所述代理绑定更新消息 的移动接入网关是否为所述家乡 AAA服务器记录的当前正在为所述移动节点提供服务的移 动接入网关, 来验证所述代理绑定更新消息。  The local mobility anchor interacts with the home AAA server to verify whether the mobile access gateway that sent the proxy binding update message is the mobile connection currently being served by the home AAA server for the mobile node. Enter the gateway to verify the proxy binding update message.
31、 一种防止恶意攻击的方法, 其特征在于, 包括:  31. A method for preventing malicious attacks, which is characterized by comprising:
一段 PMIP隧道的起点获得用于保护该段 PMIP隧道的代理绑定更新消息的信任状; 所述 PMIP隧道的起点向该段 PMIP隧道的终点发送利用所述信任状进行保护的代理绑 定更新消息;  The starting point of the segment of the PMIP tunnel obtains a credential for protecting the proxy binding update message of the segment of the PMIP tunnel; the starting point of the PMIP tunnel sends a proxy binding update message protected by the credential to the end of the segment of the PMIP tunnel ;
所述 PMIP隧道的起点接收所述 PMIP隧道的终点在验证所述代理绑定更新消息后返回 的代理绑定更新响应。 The beginning of the PMIP tunnel receives the end of the PMIP tunnel and returns after verifying the proxy binding update message The proxy binds the update response.
32、 如权利要求 31所述的方法, 其特征在于, 所述 PMIP隧道的起点向该段 PMIP隧道 的终点发送利用所述信任状进行保护的代理绑定更新消息是指: 利用所述信任状计算 MN-AAA认证扩展, 并在所述代理绑定更新消息中携带该认证扩展。  The method according to claim 31, wherein the starting point of the PMIP tunnel sends a proxy binding update message protected by the credential to an end point of the segment PMIP tunnel: using the credential Calculating the MN-AAA authentication extension, and carrying the authentication extension in the proxy binding update message.
33、 如权利要求 32所述的方法, 其特征在于, 所述 PMIP隧道的终点验证所述代理绑定 更新消息包括:  33. The method according to claim 32, wherein the verifying the proxy binding update message by the endpoint of the PMIP tunnel comprises:
所述 PMIP隧道的终点请求家乡 AAA服务器验证所述 MN-AAA认证扩展;  The end point of the PMIP tunnel requests the home AAA server to verify the MN-AAA authentication extension;
所述家乡 AAA服务器验证所述 MN-AAA认证扩展;  The home AAA server verifies the MN-AAA authentication extension;
验证成功后, 所述家乡 AAA服务器发送验证成功消息。  After the verification is successful, the home AAA server sends a verification success message.
34、 如权利要求 33所述的方法, 其特征在于, 所述方法还包括:  34. The method of claim 33, wherein the method further comprises:
所述家乡 AAA服务器生成验证密钥;  The home AAA server generates a verification key;
所述家乡 AAA服务器将所述验证密钥发送给所述 PMIP隧道的终点;  The home AAA server sends the verification key to an end point of the PMIP tunnel;
所述家乡 AAA服务器将生成所述验证密钥需要的参数发送给所述 PMIP隧道的起点。 The home AAA server sends the parameters required to generate the verification key to the starting point of the PMIP tunnel.
35、 如权利要求 34所述的方法, 其特征在于, 所述 PMIP隧道的起点再次向所述 PMIP 隧道的终点发送代理绑定更新消息时, 包括: The method of claim 34, wherein when the starting point of the PMIP tunnel sends the proxy binding update message to the end of the PMIP tunnel again, the method includes:
利用收到的所述参数生成验证密钥;  Generating a verification key using the received parameters;
利用所述验证密钥计算 MN-HA认证扩展或 FA-HA认证扩展, 并在所述再次发送的代理 绑定更新消息中携带该认证扩展;  Calculating the MN-HA authentication extension or the FA-HA authentication extension by using the verification key, and carrying the authentication extension in the re-transmitted proxy binding update message;
若所述 PMIP隧道的终点保存了验证密钥, 则利用该验证密钥验证所述 MN-HA认证扩 展或 FA-HA认证扩展; 若所述 PMIP隧道的终点没有保存验证密钥, 则指示所述 PMIP隧道 的起点发送携带 MN-AAA认证扩展的代理绑定更新消息。  If the end point of the PMIP tunnel saves the verification key, the verification key is used to verify the MN-HA authentication extension or the FA-HA authentication extension; if the end point of the PMIP tunnel does not save the verification key, the indication is The origin of the PMIP tunnel sends a proxy binding update message carrying the MN-AAA authentication extension.
36、 如权利要求 31所述的方法, 其特征在于, 所述 PMIP隧道的起点向该段 PMIP隧道 的终点发送利用所述信任状进行保护的代理绑定更新消息是指:利用所述信任状计算 MN-HA 认证扩展或 FA-HA认证扩展, 并在所述代理绑定更新消息中携带该认证扩展。  The method according to claim 31, wherein the starting point of the PMIP tunnel sending the proxy binding update message protected by the credential to the end point of the segment PMIP tunnel means: using the credential The MN-HA authentication extension or the FA-HA authentication extension is calculated, and the authentication extension is carried in the proxy binding update message.
37、 如权利要求 36所述的方法, 其特征在于, 所述 PMIP隧道的终点验证所述代理绑定 更新消息包括:  37. The method according to claim 36, wherein the verifying the proxy binding update message by the endpoint of the PMIP tunnel comprises:
所述 PMIP隧道的终点向家乡 AAA服务器请求用于验证所述代理绑定更新消息的信任 状;  The endpoint of the PMIP tunnel requests a trust from the home AAA server to verify the proxy binding update message;
所述家乡 AAA服务器将所述信任状发送给所述 PMIP隧道的终点;  The home AAA server sends the credential to an end point of the PMIP tunnel;
所述 PMIP隧道的终点利用所述信任状验证所述代理绑定更新消息。 The endpoint of the PMIP tunnel authenticates the proxy binding update message with the credential.
38、 如权利要求 31所述的方法, 其特征在于, 所述 PMIP隧道的终点验证所述代理绑定 更新消息后, 还包括: The method of claim 31, wherein after the endpoint of the PMIP tunnel verifies the proxy binding update message, the method further includes:
所述 PMIP隧道的终点获得用于保护下一段 PMIP隧道的代理绑定更新消息的信任状。 The end of the PMIP tunnel obtains a credential for protecting the proxy binding update message for the next segment of the PMIP tunnel.
39、 一种防止恶意攻击的系统, 其特征在于, 所述系统包括 PMIP 隧道的起点和 PMIP 隧道的终点; 39. A system for preventing malicious attacks, characterized in that the system comprises a starting point of a PMIP tunnel and an end point of a PMIP tunnel;
所述 PMIP隧道的起点获得用于保护该段 PMIP隧道的代理绑定更新消息的信任状, 向 所述 PMIP隧道的终点发送利用所述信任状进行保护的代理绑定更新消息;  And obtaining, by the starting point of the PMIP tunnel, a credential for protecting a proxy binding update message of the segment of the PMIP tunnel, and sending, to the end of the PMIP tunnel, a proxy binding update message that is protected by using the credential;
所述 PMIP隧道的终点验证所述代理绑定更新消息。  The endpoint of the PMIP tunnel verifies the proxy binding update message.
40、 如权利要求 39所述的系统, 其特征在于, 所述 PMIP隧道的起点向所述 PMIP隧道 的终点发送利用所述信任状进行保护的代理绑定更新消息是指: 利用所述信任状计算 40. The system according to claim 39, wherein the starting point of the PMIP tunnel sends a proxy binding update message protected by the credential to an end point of the PMIP tunnel: using the credential Calculation
MN-AAA认证扩展, 并在所述代理绑定更新消息中携带该认证扩展。 The MN-AAA authentication extension, and the authentication extension is carried in the proxy binding update message.
41、 如权利要求 40所述的系统, 其特征在于, 所述系统还包括家乡 AAA服务器。 41. The system of claim 40, wherein the system further comprises a home AAA server.
42、 如权利要求 41所述的系统, 其特征在于, 所述 PMIP隧道的终点验证所述代理绑定 更新消息包括: The system of claim 41, wherein the verifying the proxy binding update message by the endpoint of the PMIP tunnel comprises:
所述 PMIP隧道的终点请求所述家乡 AAA服务器验证所述 MN-AAA认证扩展; 所述家乡 AAA服务器验证所述 MN-AAA认证扩展;  The destination of the PMIP tunnel requests the home AAA server to verify the MN-AAA authentication extension; the home AAA server verifies the MN-AAA authentication extension;
验证成功后, 所述家乡 AAA服务器发送验证成功消息。  After the verification is successful, the home AAA server sends a verification success message.
43、 如权利要求 42所述的系统, 其特征在于, 还包括:  43. The system of claim 42, further comprising:
所述家乡 AAA服务器生成验证密钥;  The home AAA server generates a verification key;
所述家乡 AAA服务器将所述验证密钥发送给所述 PMIP隧道的终点;  The home AAA server sends the verification key to an end point of the PMIP tunnel;
所述家乡 AAA服务器将生成所述验证密钥需要的参数发送给所述 PMIP隧道的起点。 The home AAA server sends the parameters required to generate the verification key to the starting point of the PMIP tunnel.
44、 如权利要求 39所述的系统, 其特征在于, 所述 PMIP隧道的起点向所述 PMIP隧道 的终点发送利用所述信任状进行保护的代理绑定更新消息是指:利用所述信任状计算 MN-HA 认证扩展或 FA-HA认证扩展, 并在所述代理绑定更新消息中携带该认证扩展。 The system according to claim 39, wherein the starting point of the PMIP tunnel sending the proxy binding update message protected by the credential to the end point of the PMIP tunnel means: using the credential The MN-HA authentication extension or the FA-HA authentication extension is calculated, and the authentication extension is carried in the proxy binding update message.
45、 如权利要求 44所述的系统, 其特征在于, 所述系统还包括家乡 AAA服务器。 45. The system of claim 44, wherein the system further comprises a home AAA server.
46、 如权利要求 45所述的系统, 其特征在于, 所述 PMIP隧道的终点验证所述代理绑定 更新消息包括: 46. The system of claim 45, wherein the verifying the proxy binding update message by the endpoint of the PMIP tunnel comprises:
所述 PMIP隧道的终点向所述家乡 AAA服务器请求用于验证所述代理绑定更新消息的信 任状;  The end point of the PMIP tunnel requests a request for verifying the proxy binding update message from the home AAA server;
所述家乡 AAA服务器将所述信任状发送给所述 PMIP隧道的终点; 所述 PMIP隧道的终点利用所述信任状验证所述代理绑定更新消息。 The home AAA server sends the credential to an end point of the PMIP tunnel; The endpoint of the PMIP tunnel authenticates the proxy binding update message with the credential.
47、 一种 PMIP隧道的起点装置, 其特征在于, 所述装置包括:  47. A starting point device for a PMIP tunnel, the device comprising:
信任状获取单元: 用于获取保护 PMIP隧道的代理绑定更新消息的信任状, 并将所述信 任状提供给消息发送单元;  a credential obtaining unit: configured to obtain a credential of a proxy binding update message that protects the PMIP tunnel, and provide the credential to the message sending unit;
消息发送单元: 用于向 PMIP隧道的终点发送利用所述信任状进行保护的代理绑定更新 消息。  The message sending unit is configured to send a proxy binding update message protected by the credential to an end point of the PMIP tunnel.
48、 一种 PMIP隧道的终点装置, 其特征在于, 所述装置包括:  48. A terminal device for a PMIP tunnel, the device comprising:
消息接收单元: 用于接收 PMIP隧道的起点发送的利用信任状进行保护的代理绑定更新 消息;  a message receiving unit: configured to receive a proxy binding update message that is protected by a credential sent by a starting point of the PMIP tunnel;
验证单元: 用于验证所述代理绑定更新消息。  Verification unit: Used to verify the proxy binding update message.
49、 一种家乡 AAA服务器, 其特征在于, 所述家乡 AAA服务器包括:  49. A home AAA server, wherein the home AAA server comprises:
消息接收单元:用于接收 PMIP隧道的终点发送的要求验证 MN-AAA认证扩展的请求消 息;  a message receiving unit: a request message for receiving an end point of the PMIP tunnel and requesting verification of the MN-AAA authentication extension;
验证单元: 用于验证所述 MN- AAA认证扩展;  a verification unit: for verifying the MN-AAA authentication extension;
消息发送单元: 用于在验证成功后, 发送验证成功消息。  Message sending unit: Used to send a verification success message after the verification is successful.
50、 一种家乡 AAA服务器, 其特征在于, 所述家乡 AAA服务器包括:  50. A home AAA server, wherein the home AAA server comprises:
消息接收单元: 用于接收 PMIP隧道的终点发送的要求获得信任状的请求消息, 并触发 消息发送单元;  a message receiving unit: configured to receive a request message for obtaining a credential sent by an end point of the PMIP tunnel, and trigger a message sending unit;
消息发送单元: 用于将验证代理绑定更新消息所需的信任状发送给所述 PMIP隧道的终 点。  Message sending unit: The credential required for verifying the proxy binding update message is sent to the end point of the PMIP tunnel.
PCT/CN2008/072984 2007-11-08 2008-11-07 A method, system and apparatus for preventing hostile attack WO2009067905A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNA2007101244450A CN101431756A (en) 2007-11-08 2007-11-08 Method, system and apparatus for preventing hostile attack
CN200710124445.0 2007-11-08

Publications (1)

Publication Number Publication Date
WO2009067905A1 true WO2009067905A1 (en) 2009-06-04

Family

ID=40646864

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/072984 WO2009067905A1 (en) 2007-11-08 2008-11-07 A method, system and apparatus for preventing hostile attack

Country Status (2)

Country Link
CN (1) CN101431756A (en)
WO (1) WO2009067905A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040036118A (en) * 2002-10-23 2004-04-30 한국전자통신연구원 Aaa key refresh mechanism method between mobile ip mobile node and home diameter server
CN1758651A (en) * 2004-09-07 2006-04-12 三星电子株式会社 Use Care-of Address (COA) binding protocol to come authenticating address ownership
WO2006118342A1 (en) * 2005-04-28 2006-11-09 Matsushita Electric Industrial Co., Ltd. System, associated methods and apparatus for securing prefix-scoped binding updates
US20070113075A1 (en) * 2005-11-10 2007-05-17 Ntt Docomo, Inc. Secure route optimization for mobile network using multi-key crytographically generated addresses
CN1989754A (en) * 2004-07-23 2007-06-27 思科技术公司 Methods and apparatus for achieving route optimization and location privacy in an ipv6 network
CN101170806A (en) * 2006-10-27 2008-04-30 华为技术有限公司 Establishment method, secure system and related device for secure mechanism in agent mobile IP

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040036118A (en) * 2002-10-23 2004-04-30 한국전자통신연구원 Aaa key refresh mechanism method between mobile ip mobile node and home diameter server
CN1989754A (en) * 2004-07-23 2007-06-27 思科技术公司 Methods and apparatus for achieving route optimization and location privacy in an ipv6 network
CN1758651A (en) * 2004-09-07 2006-04-12 三星电子株式会社 Use Care-of Address (COA) binding protocol to come authenticating address ownership
WO2006118342A1 (en) * 2005-04-28 2006-11-09 Matsushita Electric Industrial Co., Ltd. System, associated methods and apparatus for securing prefix-scoped binding updates
US20070113075A1 (en) * 2005-11-10 2007-05-17 Ntt Docomo, Inc. Secure route optimization for mobile network using multi-key crytographically generated addresses
CN101170806A (en) * 2006-10-27 2008-04-30 华为技术有限公司 Establishment method, secure system and related device for secure mechanism in agent mobile IP

Also Published As

Publication number Publication date
CN101431756A (en) 2009-05-13

Similar Documents

Publication Publication Date Title
JP4913909B2 (en) Route optimization in mobile IP networks
Arkko et al. Enhanced route optimization for mobile IPv6
US8918522B2 (en) Re-establishment of a security association
JP4291272B2 (en) How to register home address of mobile node with home agent
JP5238029B2 (en) Method and apparatus for roaming between communication networks
JP4585002B2 (en) High-speed network connection mechanism
JP4477003B2 (en) Location privacy in communication systems
Chuang et al. SPAM: A secure password authentication mechanism for seamless handover in proxy mobile IPv6 networks
JP2010506520A (en) Method and apparatus for MobileIP route optimization
JP5102372B2 (en) Method and apparatus for use in a communication network
WO2008040178A1 (en) Method and device for binding update between mobile node and correspondent node
Lee et al. HOTA: Handover optimized ticket-based authentication in network-based mobility management
JP2007036641A (en) Home agent device, and communication system
US8447981B2 (en) Method and system for generating and distributing mobile IP security key after re-authentication
Praptodiyono et al. Mobile IPv6 vertical handover specifications, threats, and mitigation methods: A survey
WO2007082427A1 (en) A method, system and apparatus for optimizing route in mobile ipv6
Laurent-Maknavicius et al. Inter-domain security for mobile Ipv6
WO2008052470A1 (en) Method for establishing mobile ip security mechanism, security system and the relevant device
Qiu et al. A pmipv6-based secured mobility scheme for 6lowpan
WO2009067905A1 (en) A method, system and apparatus for preventing hostile attack
Zubair et al. DMAM: distributed mobility and authentication mechanism in next generation networks
ZHANG et al. AAA authentication for network mobility
Zhang Interworking security in heterogeneous wireless IP networks
Elshakankiry Securing home and correspondent registrations in mobile IPv6 networks
Kim et al. Secure and low latency handoff scheme for proxy mobile ipv6

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08855611

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08855611

Country of ref document: EP

Kind code of ref document: A1