Mobile IP Working Group                               Charles E. Perkins
INTERNET DRAFT                                     Nokia Research Center
27 August 2001                                            Pat R. Calhoun
                                           Sun Microsystems Laboratories

          Generalized Key Distribution Extensions for Mobile IP
                    draft-ietf-mobileip-gen-key-01.txt

Status of This Memo

   This document is a submission by the mobile-ip Working Group of the
   Internet Engineering Task Force (IETF).  Comments should be submitted
   to the mobile-ip@sunroof.eng.sun.com mailing list.

   Distribution of this memo is unlimited.

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at:
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at:
   http://www.ietf.org/shadow.html.

Abstract

   Recent proposals have suggested several kinds of key extensions for
   Mobile IP registration messages.  These keys may be used between the
   mobile node and mobility agents, or between the mobility agents
   themselves.  This document specifies generalized extension formats
   that can be useful for several kinds of key distributions.  Each
   generalized extension format will have subtypes which indicate the
   specific format for the key distribution data.

Perkins, Calhoun          Expires 27 February 2002              [Page i]

Internet Draft            Generalized Key Extensions      27 August 2001

1. Introduction

   Recent proposals [5, 6] have suggested several kinds of key
   extensions for Mobile IP [4] registration messages.
   These keys may be used between the mobile node and mobility agents,
   or between the mobility agents themselves.  This document specifies
   generalized extension formats that can be useful for several kinds of
   key distributions.  Each generalized extension format will have
   subtypes which indicate the specific format for the key distribution
   data.  Each generalized format conforms to the overall format
   suggested for generalized Mobile IP extensions recently described for
   MIER [2].

   Different generalized extensions are defined depending upon the
   following factors:

    - The intended use of the key

    - Whether the extension requests a key or supplies a key

   Extensions that request a key are allowable in Mobile IP Registration
   Request messages.  Extensions that supply key material are allowable
   in Mobile IP Registration Reply messages.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [1].

2. Generalized MN-FA Key Request Extension

   Figure 1 illustrates the Generalized MN-FA Key Request Extension.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                        Mobile Node SPI                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              MN-FA Key Request Subtype Data ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Figure 1: The Generalized Mobile IP MN-FA Key Request Extension

   Type

      TBD (not skippable) (see [4] and section 8)

   Subtype

      a number assigned to identify the way in which the Key Request
      Data is to be used when generating the registration key

   Length

      The 16-bit Length field indicates the length of the extension.
      It is equal to the number of bytes in the MN-FA Key Request
      Subtype Data plus 4 (for the Mobile Node SPI field), and SHOULD
      be at least 20.

   Mobile Node SPI

      The Security Parameters Index that the mobile node will assign
      for the security association created for use with the
      registration key.

   MN-FA Key Request Subtype Data

      Data needed to carry out the creation of the registration key on
      behalf of the mobile node.

   The Generalized MN-FA Key Request Extension defines a set of
   extensions, identified by subtype, which may be used by a mobile node
   in a Mobile IP Registration Request message to request that some
   other entity create a key for use by the mobile node with the mobile
   node's new foreign agent.

3. Generalized MN-FA Key Reply Extension

   The Generalized MN-FA Key Reply extension supplies a registration
   key requested by using one of the subtypes of the Generalized MN-FA
   Key Request extension.  Figure 2 illustrates the format of the
   Generalized MN-FA Key Reply Extension.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              MN-FA Key Reply Subtype Data ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Figure 2: The Generalized Mobile IP MN-FA Key Reply Extension

   Type

      TBD (not skippable) (see [4] and section 8)

   Subtype

      a number assigned to identify the way in which the MN-FA Key
      Reply Subtype Data is to be decrypted to obtain the registration
      key

   Length

      The 16-bit Length field is equal to the number of bytes in the
      MN-FA Key Reply Subtype Data.

   MN-FA Key Reply Subtype Data

      An encoded copy of the key to be used between the mobile node and
      the foreign agent, along with any other information needed by the
      recipient to create the designated Mobility Security Association.
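   The encoding rules of sections 2 and 3 (an 8-bit Type, an 8-bit
   Subtype, a 16-bit Length that counts the Mobile Node SPI but not the
   header, and the SHOULD minimum of 20) are small enough to be checked
   mechanically.  The following encoder/decoder is an added example, not
   code from the draft or from any Mobile IP implementation.  Because the
   draft leaves the Type numbers as TBD, the two type values below are
   placeholders, and the Subtype Data is treated as opaque bytes since
   each subtype defines its own format.  The layout table goes slightly
   beyond sections 2 and 3: the same header-plus-optional-32-bit-field
   pattern is what the later Request and Reply extensions in this draft
   use, so adding a row is all that is needed for them.

```python
"""Encoder/decoder for the Generalized MN-FA Key Request and Key Reply
extensions of draft-ietf-mobileip-gen-key-01 (sections 2 and 3).

Added example, not code from the draft.  Type numbers are placeholders
(the draft says TBD); Subtype Data is opaque, since each subtype defines
its own format.
"""
import struct

# Placeholder type numbers (assumption): the draft assigns them from the
# non-skippable range of the RFC 2002 extension namespace (see section 8).
TYPE_MN_FA_KEY_REQUEST = 0x7e
TYPE_MN_FA_KEY_REPLY = 0x7f

# Layout table: type -> (name, name of the 32-bit field after the header,
# or None when the Subtype Data follows the header directly).
LAYOUTS = {
    TYPE_MN_FA_KEY_REQUEST: ("MN-FA Key Request", "mn_spi"),
    TYPE_MN_FA_KEY_REPLY: ("MN-FA Key Reply", None),
}

MIN_REQUEST_LENGTH = 20  # section 2: Length SHOULD be at least 20


def encode_extension(ext_type, subtype, subtype_data, fixed_field=None):
    """Build the wire form: Type(8) Subtype(8) Length(16) [32-bit field] data."""
    name, field = LAYOUTS[ext_type]
    if not 1 <= subtype <= 0xff:
        raise ValueError("subtype must be 1..255 (0 is not assignable, section 8)")
    body = b""
    if field is not None:
        if fixed_field is None:
            raise ValueError(f"{name} requires a {field} value")
        body += struct.pack("!I", fixed_field)
    elif fixed_field is not None:
        raise ValueError(f"{name} carries no 32-bit field")
    body += bytes(subtype_data)
    length = len(body)  # Length counts everything after the 4-byte header
    if length > 0xffff:
        raise ValueError("subtype data too long for a 16-bit Length")
    return struct.pack("!BBH", ext_type, subtype, length) + body


def decode_extension(buf):
    """Parse one extension from the front of buf.

    Returns (record, remaining_bytes).  Raises ValueError on malformed
    input; these types are non-skippable, so a receiver that cannot parse
    one must reject the registration rather than step over it (RFC 2002).
    """
    if len(buf) < 4:
        raise ValueError("truncated extension header")
    ext_type, subtype, length = struct.unpack("!BBH", buf[:4])
    if ext_type not in LAYOUTS:
        raise ValueError(f"unknown non-skippable extension type {ext_type}")
    name, field = LAYOUTS[ext_type]
    end = 4 + length
    if len(buf) < end:
        raise ValueError(f"{name}: Length {length} exceeds available bytes")
    body = buf[4:end]
    record = {"name": name, "type": ext_type, "subtype": subtype,
              "length": length, "warnings": []}
    if field is not None:
        if length < 4:
            raise ValueError(f"{name}: Length {length} cannot hold {field}")
        record[field] = struct.unpack("!I", body[:4])[0]
        body = body[4:]
        if ext_type == TYPE_MN_FA_KEY_REQUEST and length < MIN_REQUEST_LENGTH:
            # A SHOULD, not a MUST: record it instead of rejecting.
            record["warnings"].append(
                f"Length {length} is below the SHOULD minimum of {MIN_REQUEST_LENGTH}")
    record["subtype_data"] = body
    return record, buf[end:]


def is_malformed(buf):
    """True when decode_extension rejects buf."""
    try:
        decode_extension(buf)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample: a request with a 16-byte opaque subtype data block.
    req = encode_extension(TYPE_MN_FA_KEY_REQUEST, 1, b"\x11" * 16, fixed_field=0x1234)
    print(req.hex(), decode_extension(req)[0])
```

   A receiver implemented this way rejects a truncated extension outright
   but only records a warning for a Request whose Length is below 20, which
   matches the SHOULD in section 2.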
   For each subtype, the format of the MN-FA Key Reply Subtype Data has
   to be separately defined according to the particular method required
   to set up the security association.

   In some cases, the MN-FA Key supplied in the data for a subtype of
   this extension comes in response to a request which was sent using a
   subtype of the Generalized MN-FA Key Request Extension.  In that
   case, the SPI to be used when employing the security association
   defined by the registration key is the same as given in the original
   request.

4. Generalized MN-HA Key Request Extension

   Figure 3 illustrates the Generalized MN-HA Key Request Extension.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                        Mobile Node SPI                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              MN-HA Key Request Subtype Data ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Figure 3: The Generalized Mobile IP MN-HA Key Request Extension

   Type

      TBD (not skippable) (see [4] and section 8)

   Subtype

      a number assigned to identify the way in which the Key Request
      Data is to be used when generating the registration key

   Length

      The 16-bit Length field indicates the length of the extension.
      It is equal to the number of bytes in the MN-HA Key Request
      Subtype Data plus 4 (for the Mobile Node SPI field), and SHOULD
      be at least 20.

   Mobile Node SPI

      The Security Parameters Index that the mobile node will assign
      for the security association created for use with the
      registration key.

   MN-HA Key Request Subtype Data

      Data needed to carry out the creation of the registration key on
      behalf of the mobile node.
   The Generalized MN-HA Key Request Extension defines a set of
   extensions, identified by subtype, which may be used by a mobile node
   in a Mobile IP Registration Request message to request that some
   other entity create a key for use by the mobile node with the mobile
   node's new home agent.

5. Generalized MN-HA Key Reply Extension

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           Lifetime                            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              MN-HA Key Reply Subtype Data ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Figure 4: The Generalized Mobile IP MN-HA Key Reply Extension

   Type

      TBD (not skippable) (see [4] and section 8)

   Subtype

      a number assigned to identify the way in which the MN-HA Key
      Reply Subtype Data is to be decrypted to obtain the registration
      key

   Length

      The 16-bit Length field indicates the length of the extension.
      It is equal to the number of bytes in the MN-HA Key Reply Subtype
      Data plus 4 (for the Lifetime field).

   Lifetime

      This field indicates the duration of time (in seconds) for which
      the MN-HA key is valid.

   MN-HA Key Reply Subtype Data

      An encrypted copy of the key to be used between the mobile node
      and its home agent, along with any other information needed by
      the mobile node to create the designated Mobility Security
      Association with the home agent.

   For each subtype, the format of the MN-HA Key Reply Subtype Data has
   to be separately defined according to the particular method required
   to set up the security association.
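   Sections 3 through 5 leave two things to the receiver that are easy
   to get wrong: a Reply carries no SPI, so the SPI for the new Mobility
   Security Association must be the one the mobile node put in its own
   Request (section 3), and the MN-HA Reply's Lifetime bounds how long
   that association may be used.  The following key store is an added
   example, not code from the draft or from any Mobile IP
   implementation.  It assumes the subtype-specific decryption of the
   Subtype Data has already yielded the raw key bytes (that step is
   defined per subtype, outside this draft), and the peer labels "FA"
   and "HA" are this example's own convention.

```python
"""Installing Mobility Security Associations from Generalized Key Reply
extensions (sections 3 to 5 of draft-ietf-mobileip-gen-key-01).

Added example, not code from the draft.  Assumes the Reply's Subtype Data
has already been decrypted into raw key bytes by subtype-specific code.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass
class SecurityAssociation:
    spi: int
    peer: str                    # "FA" or "HA" (this example's labels)
    key: bytes
    expires_at: Optional[float]  # None when the Reply carries no Lifetime


class MobilityKeyStore:
    """Mobile node's view: pending Key Requests and installed associations."""

    def __init__(self):
        self._pending = {}  # spi -> peer, from Key Request extensions we sent
        self._sas = {}      # spi -> SecurityAssociation

    def note_request(self, peer, spi):
        """Record the SPI the mobile node assigned in its Key Request."""
        if not 0 <= spi <= 0xffffffff:
            raise ValueError("SPI must fit in 32 bits")
        if spi in self._pending or spi in self._sas:
            raise ValueError(f"SPI {spi:#x} already in use")
        self._pending[spi] = peer

    def install_from_reply(self, peer, request_spi, key, now, lifetime=None):
        """Create the SA once the Reply's Subtype Data has been decrypted.

        The Reply carries no SPI: section 3 says the SPI is the one given
        in the original request, so the reply must match a pending request
        for the same peer.  Section 5's MN-HA Reply carries a Lifetime in
        seconds; the MN-FA Reply of section 3 does not, so lifetime=None
        means the association has no timed expiry here.
        """
        if self._pending.get(request_spi) != peer:
            raise ValueError(f"no pending {peer} request with SPI {request_spi:#x}")
        if lifetime is not None and lifetime <= 0:
            raise ValueError("Lifetime must be a positive number of seconds")
        if not key:
            raise ValueError("decrypted key is empty")
        del self._pending[request_spi]
        expires = None if lifetime is None else now + lifetime
        sa = SecurityAssociation(request_spi, peer, bytes(key), expires)
        self._sas[request_spi] = sa
        return sa

    def lookup(self, spi, now):
        """Return the live SA for spi, discarding it once its Lifetime passed."""
        sa = self._sas.get(spi)
        if sa is None:
            return None
        if sa.expires_at is not None and now >= sa.expires_at:
            del self._sas[spi]
            return None
        return sa

    def pending_count(self):
        return len(self._pending)


def reply_accepted(store, peer, spi, key, now, lifetime=None):
    """True when install_from_reply accepts the reply, False when it rejects."""
    try:
        store.install_from_reply(peer, spi, key, now, lifetime)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Constructed walk-through: request, reply with a 60 s Lifetime, expiry.
    ks = MobilityKeyStore()
    ks.note_request("HA", 0x100)
    sa = ks.install_from_reply("HA", 0x100, b"\x01" * 16, now=1000.0, lifetime=60)
    print(sa, ks.lookup(0x100, 1059.0) is not None, ks.lookup(0x100, 1061.0))
```

   Matching the reply against a pending request for the same peer is
   what prevents a reply for one peer from being installed under an SPI
   the mobile node reserved for another.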
6. Generalized FA-HA Key Reply Extension

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           Lifetime                            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              FA-HA Key Reply Subtype Data ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Figure 5: The Generalized Mobile IP FA-HA Key Reply Extension

   Type

      TBD (not skippable) (see [4] and section 8)

   Subtype

      a number assigned to identify the way in which the FA-HA Key
      Reply Subtype Data is to be decrypted to obtain the registration
      key

   Length

      The 16-bit Length field is equal to the number of bytes in the
      FA-HA Key Reply Subtype Data plus 4 (for the Lifetime field).

   Lifetime

      This field indicates the duration of time (in seconds) for which
      the FA-HA key is valid.

   FA-HA Key Reply Subtype Data

      An encrypted copy of the key to be used between the foreign agent
      and the mobile node's home agent, along with any other information
      needed by the foreign agent to create the designated Mobility
      Security Association with that home agent.

   For each subtype, the format of the FA-HA Key Reply Subtype Data has
   to be separately defined according to the particular method required
   to set up the security association.

7. Generalized FA-FA Key Reply Extension

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Subtype    |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           FA-FA SPI                           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              FA-FA Key Reply Subtype Data ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Figure 6: The Generalized Mobile IP FA-FA Key Reply Extension

   Type

      TBD (not skippable) (see [4] and section 8)

   Subtype

      a number assigned to identify the way in which the FA-FA Key
      Reply Subtype Data is to be decrypted to obtain the registration
      key

   Length

      The 16-bit Length field is equal to the number of bytes in the
      FA-FA Key Reply Subtype Data plus 4 (for the FA-FA SPI field).

   FA-FA SPI

      This field indicates the SPI that should be used to decipher the
      FA-FA key.

   FA-FA Key Reply Subtype Data

      An encrypted copy of the key to be used between two foreign
      agents, along with any other information needed by the foreign
      agents to create the desired security association.

   For each subtype, the format of the FA-FA Key Reply Subtype Data has
   to be separately defined according to the particular method required
   to set up the security association.

8. IANA Considerations

   The numbers for the Generalized Key Extensions specified in sections
   2 through 7 are to be taken from the non-skippable range of the
   Mobile IP registration extension namespace defined in [4].

   Section 2 introduces the Generalized MN-FA Key Request Extension
   namespace that requires IANA management.  All values other than zero
   (0) are available for assignment via Standards Action [3].

   Section 3 introduces the Generalized MN-FA Key Reply Extension
   namespace that requires IANA management.  All values other than zero
   (0) are available for assignment via Standards Action [3].

   Section 4 introduces the Generalized MN-HA Key Request Extension
   namespace that requires IANA management.  All values other than zero
   (0) are available for assignment via Standards Action [3].

   Section 5 introduces the Generalized MN-HA Key Reply Extension
   namespace that requires IANA management.  All values other than zero
   (0) are available for assignment via Standards Action [3].
   Section 6 introduces the Generalized FA-HA Key Reply Extension
   namespace that requires IANA management.  All values other than zero
   (0) are available for assignment via Standards Action [3].

   Section 7 introduces the Generalized FA-FA Key Reply Extension
   namespace that requires IANA management.  All values other than zero
   (0) are available for assignment via Standards Action [3].

9. Security Considerations

   The extensions in this document are intended to provide the
   appropriate level of security for Mobile IP entities (mobile node,
   foreign agent, and home agent) to operate the Mobile IP registration
   protocol.  The security associations resulting from use of these
   extensions do not offer any higher level of security than what is
   already implicit in use of the security association between the
   receiver and the entity distributing the key.

10. Acknowledgements

   Thanks to Jouni Malinen and Madhavi Chandra for their careful review
   and suggestions for improving this specification.

References

   [1] S. Bradner.  Key words for use in RFCs to Indicate Requirement
       Levels.  Request for Comments (Best Current Practice) 2119,
       Internet Engineering Task Force, March 1997.

   [2] M. Khalil, R. Narayanan, H. Akhtar, and E. Qaddoura.  Mobile IP
       Extensions Rationalization (MIER) (work in progress).  Internet
       Draft, Internet Engineering Task Force.
       draft-ietf-mobileip-mier-06.txt, April 2001.

   [3] T. Narten and H. Alvestrand.  Guidelines for Writing an IANA
       Considerations Section in RFCs.  Request for Comments (Best
       Current Practice) 2434, Internet Engineering Task Force, October
       1998.

   [4] C. Perkins.  IP Mobility Support.  Request for Comments (Proposed
       Standard) 2002, Internet Engineering Task Force, October 1996.

   [5] C. Perkins and P. Calhoun.  AAA Keys for Mobile IP (work in
       progress).  Internet Draft, Internet Engineering Task Force.
       draft-ietf-mobileip-aaa-key-00.txt, July 2001.

   [6] C. E. Perkins, D.
       Johnson, and N. Asokan.  Registration Keys for Route
       Optimization (work in progress).
       draft-ietf-mobileip-regkey-03.txt, July 2000.

Addresses

   The working group can be contacted via the current chairs:

   Basavaraj Patil                       Phil Roberts
   Nokia                                 Megisto Corp.
   6000 Connection Dr. Suite 120         20251 Century Blvd
   Irving, TX. 75039                     Germantown MD 20874
   USA                                   USA
   Phone: +1 972-894-6709                Phone: +1 847-202-9314
   Email: Basavaraj.Patil@nokia.com      Email: PRoberts@MEGISTO.com

   Questions about this memo can also be directed to the authors:

   Charles E. Perkins                    Pat R. Calhoun
   Communications Systems Lab            Black Storm Networks
   Nokia Research Center                 250 Cambridge Avenue, Suite 200
   313 Fairchild Drive                   Palo Alto, California, 94306
   Mountain View, California 94043       USA
   USA
   Phone: +1-650 625-2986                Phone: +1 650-617-2932
   EMail: charliep@iprg.nokia.com        Email: pcalhoun@diameter.org
   Fax: +1 650 625-2502                  Fax: +1 650-786-6445