|
Dear all,
I have a question regarding the MN's verification of
SKey ;received from the CN.
In Step 4 of Initial Binding Update, how can the MN
verify that the SKey
in BA is sent from the real CN not from an
attacker?
If the Kbmperm is made by means of
a method that only the CN knows,
an attacker could also generate a random number to
claim to be a Kbmperm.
The attacker-made Kbmperm could also be encrypted with the MN's public key
as is the case of the CN-made Kbmperm.
If the attacker-made Kbmperm arrives at the MN before the Kbmperm from
the CN arrives,
the MN will have the attacker-made Kbmperm which is
not what the actual CN has.
Then, I think, it would not be able to send Binding
Update to the CN afterwards.
Am I missing something?
Regards,
Manhee |