The Inter-Domain Key Exchange Protocol

Abstract

This thesis introduces, specifies and evaluates a novel key establishment mechanism to enable seamless authenticated handovers in IP networks called Inter-Domain Key Exchange Protocol (IDKE). The task of the IDKE protocol is to quickly re-establish trust and a shared session-key between the mobile node and the access network. This is implemented after a mobile node s handover by forwarding the session-key from the previous to the new access network. IDKE s major strength is in providing a secured key forwarding even when the two domains initially do not trust each other. The purpose of the transferred key is to secure the access link, thus providing confidentiality, integrity and access control. Generally such keys are obtained from the mobile node s home network, whereas the IDKE protocol forwards the key locally in between access networks via an exclusively established and secured communication channel. This work specifies security properties for authentication and secrecy and verifies the IDKE protocol by model checking. The protocol is modeled by Communication Sequential Processes (CSP); formal security verification is performed by Failure Divergence Refinement (FDR). Furthermore, the function for handling concurrent protocol runs is added to the IDKE protocol. The extended specification is simulated and verified by utilizing the Specification and Description Language (SDL) in order to analyze the robustness and the scalability of the protocol. Finally, the performance is compared to other approaches such as the Global System for Mobile Communications (GSM) and the Wireless Shared Key Exchange Protocol (W-SKE) using the discrete event simulator OPNET Modeler.