RIS ID
9496
Abstract
Mobile IP Onternet Protocol) enables access to the Internet anywhere with one IP address, hence, providing the flexibility that is required by today’s growing mobile work force. Deploying Mobile IP introduces new security h a t s that if not carefully addressed can have severe consequences for home organizations. IPSec is a commonly used protection mechanism that is employed in this context. IPSec requires a flexible key management scheme to provide cryptographic keys to communicating entities. A commonly used public key based key management system is SKIP (Simple Key-Management for Internet Protocols). In this paper we consider the scenario where a laptop that is enabled with secure Mobile IP connection using SKIP, is stolen and the aim is to protect the private key stored in the laptop. We propose a method of protecting the private key in which the secret stored in the laptop cannot be used to determine the private key. We also introduce a method of ‘disabling’ the stored secret such that even when the laptop is stolen, there is no need for changing the private key. An important property of our system is that it does not add extra messages to the existing SKIP implementation.
Publication Details
This paper originally appeared as: Wiangsripanawan, R, Safavi-Naini, R & Susilo, W, Securing Mobile IP Enabled Laptop, The 11th IEEE International Conference on Networks, 28 September-1 October 2003, 693-698. Copyright IEEE 2003.