• MobileIP Security Issues
• Handoffs
• Multicast

This is an open standard to allow user to keep the same IP Address , stay connected and maintain ongoing applications while roaming between IP networks.

Mobile-IP Architecture

• The Correspondent Host is the Mobile unaware server somewhere in the internet which is currently communicating with the Mobile Host.
• The Mobile Host is a device such as a personal digital assistant, or laptop whose software enables network roaming capabilities.
• The Home Agent is the router at the home network which redirects the packets meant for the Mobile agent to its new position.
• The Foreign Agent is the router in the Foreign network , which delivers packets coming from the Home Agent to the Mobile Host.
• The Care of Address (COA) This is the address assigned by the Foreign Agent to the Mobile Host while it is in that network so that it can communicate with the Foreign Agent.

• There can be a key sharing between Home Agent and Mobile Host.
  While sending the Care Of Address (COA) to the Home Agent it should send encrypted data using the private key k i.e it should send k(COAnew, HAaddress).
  Is this enough........? No... why??
  Because any other Mobile node can cache this packet and after the authentic node is gone or is off,this node can use this packet to receive all the information intended to the real node .This attack is called the Replay Attack.What can be done to avoid this ?...yes time stamping can be done, This is helpful in distinguishing the illegal sender. Instead of time stamping we can also have some random numbers shared between the Home Agent and and the Mobile Host. the Mobile Host will also add a random number in the packet while sending the encryped packet.


• One more possible way is the "Challenge Response" .But this is not desirable here as this will create a undue latency which is not acceptable as these COA updates has to fast.
  

• Home Agent sends a binding update to the CH as soon as it sees the first redirected packet,so that further communication can be direct i.e between CH and Mobile Agent .For this we need a authentication protocol between Home Agent and CH .But the CH are many ,we don't know before hand about them.So what can be done?...send this information in a plain text.
• CH can ask Home Agent for binding updates.It can be shown that the security level in this case is same as the current Internet standards.Lets see how. Here a attacker has to be in between CH and Home Agent to attack.Also to send spurious binding update to CH ,It has to be in the same network in which the Home Agent is .This means a node in the same network can cause problem ,which can also be done in the current standards of the Internet. An agent can send packets by using any source address as far as the address belongs to its network ,this way the routers (even they have source filtering) will not reject the packet.

HandOffs is the phenomena of the Mobile Agent moving from one Foreign Agent to another .This have a little latency.Here we can have two possiblities.

• Mobile Host can notify previous FA immediately so that further packets coming to the previous Foreign Agent are forwarded to the new one.
• The Home Agent can hold simultaneous binding .This means for every packet that arrives at the Home Agent, it will make copies and will send it to all the Foreign Agents , which are curently in his list.

Security Association between Mobile Host and the Foreign Host

The security association between the mobile host and foreign should be established when Mobile Host is getting services from Foreign Agent. So that while sending information about a new Foreign Agent the Mobile Host can use this shared key to update the information at the old Foreign Agent.

Multicast means tranmission of a packet to a subset of the hosts in the network.An efficient multicast facility provides packet delivery to groups of hosts at a lower network and host overhead than broadcasting to all hosts or unicasting to each host in a group.
Multicast can be scoped. They can be admin scoped , this means that the adminstrator of the network will decide what a multicast group consist of .They can be number of hop scoped ,here the no of hops in between will decide whether a node will receive a multicast or not.