Abstract

HIP associates with a node a public key which, unlike an IP address, does not change with the node's location on the network. It is primarily intended for node-to-node authentication but may be used to authenticate a node to a visited network. Basic authentication has four steps (see Fig. 2): initiate, random number challenge, response and authentication, sent alternately by the initiator and the responder. Applied to network logon, this corresponds to Fig. 3 steps 1-4 and is followed by the visited authentication server (AAA) verifying the mobile node (MN) with the MN's Home AAA (steps 5-8). The invention proposes including the HIP random number challenge in the access point's (AP) broadcast network advertisements (1) and sending Home AAA verification information in a signed certificate (4.5) without awaiting the final authentication message in the HIP cycle (5). These changes establish secure authentication with less network traffic and less downtime when migrating to a new network.