Abstract

In this work, a new key exchange protocol for IP-based mobile networks is introduced. This protocol is called KEPSOM (Key Exchange Protocol Supporting Mobility and Multihoming). The goals of designing KEPSOM are to develop key exchange protocol proposal characterized by its secrecy, simplicity, efficiency, resistivity, and its ability to support mobility and multihoming. The protocol requires only two roundtrips. The design limits the private information revealed by the initiator. An old security association (SA) can be replaced with a new one by rekeying without the need of restarting the protocol with a new session. On the other hand, the changes in IP address due to mobility or multihoming need not to restart the protocol with a new SA session. The proposed protocol can also support key exchange in hybrid wireless network, in which the mobile node can operate in both Ad Hoc and Base Station-oriented wireless network environments using different transmission modes. KEPSOM has been analyzed and proven secure. Several tests have been done to measure and evaluate the performance of the protocol. In these tests, it is found that the required time for rekeying is about 27% of the total required time for exchanging the keys. And the required time to detect and update the change in IP address, which may occur due to mobility or multihoming, is less than 10% of the total required time to establish a new SA sessions.