Independent claim
1. A method in a first access router in a packet-switched communication network for determining that a first endpoint originating a communication session with a second endpoint is not initiating a malicious man-in-the-middle attack, wherein the first access router provides access for the first endpoint to the network and a second access router provides access for the second endpoint to the network, wherein the first and second endpoints are either fixed or mobile endpoints, and communicate utilizing a communication protocol supporting fixed and mobile endpoints, wherein after the first and second endpoints conduct a secure key exchange, the method comprises:
utilizing a Prefix Reachability Detection (PRD) protocol to determine the first endpoint is topologically legitimate due to being topologically located behind the first access router and thus not located between the first access router and the second access router, wherein the step of utilizing the PRD protocol includes:
receiving by the first access router, a Prefix Request Test Initialization (PRTI) message from the second access router requesting a Neighbor Reachability Discovery (NRD) for the first endpoint;
verifying by the first access router that the PRTI message was sent by the second access router;
upon verifying that the PRTI message was sent by the second access router, sending a NRD message from the first access router to one or more endpoints topologically located behind the first access router;
receiving by the first access router, a response from the first endpoint that includes a hash of a shared secret key, wherein receipt of the response proves the first endpoint is topologically located behind the first access router, and the hash of the shared secret key identifies the first endpoint;
determining whether the hash of the shared secret key received from the first endpoint is correct; and
determining by the first access router that the first endpoint is topologically legitimate when the hash of the shared secret key received from the first endpoint is correct; and
sending from the first access router to the second access router, a PRTI message response indicating the first endpoint is topologically legitimate, wherein the PRTI message includes a signature of the second access router, and the step of verifying that the PRTI message was sent by the second access router includes retrieving a public key of the second access router and utilizing the public key to check the signature of the second access router.
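The exchange the claim describes, written out as an added example that is not part of the patent and not any implementation of it. Both router roles are in one program: the second access router signs a PRTI, the first access router retrieves the requester's public key and checks the signature, sends the NRD only to endpoints behind it, and judges the first endpoint legitimate only if that endpoint answers with the correct hash of the shared secret key. The claim fixes no message layout or algorithms, so everything concrete here is an assumption: ed25519 for the router signature, a `PeerKeys` map standing in for however a router retrieves a peer's public key, SHA-256 over key and nonce as the "hash of the shared secret key", and an `ExpectedHash` field in the PRTI so that the first access router has a value to compare against (the claim does not say where that reference value comes from). Addresses, keys and nonces are constructed. The return value of `HandlePRTI` stands in for the PRTI response sent back to the second access router.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// PRTI is the Prefix Request Test Initialization message from the second access
// router. Field names and layout are this example's own choices, not the patent's.
type PRTI struct {
	Requester    string // identifier of the second access router
	Target       string // address of the first endpoint whose location is tested
	Nonce        []byte // freshness value mixed into the hash the endpoint returns
	ExpectedHash []byte // assumption: H(shared key || nonce) supplied by the second endpoint
	Signature    []byte // ed25519 signature of the second access router over the fields above
}

// signedBytes serialises the signed fields, each with a one-byte length prefix.
func (p *PRTI) signedBytes() []byte {
	var out []byte
	for _, f := range [][]byte{[]byte(p.Requester), []byte(p.Target), p.Nonce, p.ExpectedHash} {
		out = append(append(out, byte(len(f))), f...)
	}
	return out
}

func hashSecret(secret, nonce []byte) []byte { // hash of the shared secret key identifying the endpoint
	h := sha256.Sum256(append(append([]byte{}, secret...), nonce...))
	return h[:]
}

// Endpoint is a host behind an access router; Secret comes from the endpoints' key exchange.
type Endpoint struct {
	Addr   string
	Secret []byte
}

// AccessRouter holds a signing key, retrievable public keys of peer routers, and its endpoints.
type AccessRouter struct {
	ID       string
	priv     ed25519.PrivateKey
	Pub      ed25519.PublicKey
	PeerKeys map[string]ed25519.PublicKey
	Attached []*Endpoint
}

func NewAccessRouter(id string) *AccessRouter {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &AccessRouter{ID: id, priv: priv, Pub: pub, PeerKeys: map[string]ed25519.PublicKey{}}
}

// BuildPRTI is the second access router's side: request an NRD for target and sign it.
func (r *AccessRouter) BuildPRTI(target string, expectedHash, nonce []byte) *PRTI {
	p := &PRTI{Requester: r.ID, Target: target, Nonce: nonce, ExpectedHash: expectedHash}
	p.Signature = ed25519.Sign(r.priv, p.signedBytes())
	return p
}

// HandlePRTI is the first access router's side; the bool stands in for the PRTI response to AR2.
func (r *AccessRouter) HandlePRTI(p *PRTI) (bool, error) {
	pub, ok := r.PeerKeys[p.Requester] // retrieve the requester's public key, then check the signature
	if !ok || !ed25519.Verify(pub, p.signedBytes(), p.Signature) {
		return false, fmt.Errorf("PRTI not verifiably from %s; no NRD sent", p.Requester)
	}
	for _, ep := range r.Attached { // the NRD reaches only endpoints behind this router
		if ep.Addr == p.Target {
			// A reply proves the endpoint is behind this router; the correct hash proves it holds the shared key.
			return hmac.Equal(hashSecret(ep.Secret, p.Nonce), p.ExpectedHash), nil
		}
	}
	return false, nil // nobody behind this router answered: not topologically legitimate
}

// RunScenario returns the verdicts for a legitimate endpoint, an endpoint with the wrong key, an address
// not behind AR1 (where a man-in-the-middle would sit), and a PRTI altered after signing. All constructed.
func RunScenario() (legit, wrongKey, absent bool, forgedErr error) {
	ar1, ar2 := NewAccessRouter("AR1"), NewAccessRouter("AR2")
	ar1.PeerKeys[ar2.ID] = ar2.Pub
	secret, nonce := []byte("constructed-shared-key"), []byte("constructed-nonce-0001")
	ar1.Attached = []*Endpoint{{Addr: "2001:db8:1::10", Secret: secret}, {Addr: "2001:db8:1::11", Secret: []byte("other-key")}}
	expected := hashSecret(secret, nonce)
	legit, _ = ar1.HandlePRTI(ar2.BuildPRTI("2001:db8:1::10", expected, nonce))
	wrongKey, _ = ar1.HandlePRTI(ar2.BuildPRTI("2001:db8:1::11", expected, nonce))
	absent, _ = ar1.HandlePRTI(ar2.BuildPRTI("2001:db8:9::66", expected, nonce))
	forged := ar2.BuildPRTI("2001:db8:1::10", expected, nonce)
	forged.Target = "2001:db8:9::66" // an on-path attacker rewrites the target; the signature no longer covers it
	_, forgedErr = ar1.HandlePRTI(forged)
	return
}

func main() {
	fmt.Println(RunScenario())
}
```

The two checks in the claim do different work and the example keeps them separate: the signature check stops the first access router from sending NRDs (and revealing its endpoints) on behalf of an unauthenticated requester, while the hash comparison is what ties the reply to the endpoint that actually completed the key exchange. An endpoint that is on the path between the two routers rather than behind the first one never receives the NRD, so it cannot produce a reply at all, which is the man-in-the-middle case the claim is aimed at.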