Sometimes it is easier to implement prototypes in user space using high-level languages such as Python or Java. In this document we attempt to describe our implementation effort related to Host Identity Protocol version 2. In the first part we describe various security solutions, then we discuss some implementation details of the HIP protocol, and finally, in the last part of this work, we discuss the performance of the HIP and IPsec protocols implemented in Python.
In this section we describe the basic background. First we discuss the problem of the mobile Internet and introduce the Host Identity Protocol. We then move on to a discussion of various security protocols. We conclude the section with a discussion of elliptic curves and a variant of the Diffie-Hellman algorithm that uses elliptic curve cryptography (ECC).
The Internet was originally designed so that the Internet Protocol (IP) address plays a dual role: it is the locator, so that routers can find the recipient of a message, and it is an identifier, so that upper-layer protocols such as TCP and UDP can make bindings (for example, transport-layer sockets use IP addresses and ports to make connections). This becomes a problem when a networked device roams from one network to another: the IP address changes, leading to failures in upper-layer connections. The other problem is the establishment of an authenticated channel between the communicating parties. In practice, when connections are made, the long-term identities of the parties are not verified. Of course, there are solutions such as SSL which can readily solve the problem at hand. However, SSL is suitable only for TCP connections, and most of the time practical use cases include only secure web surfing and the establishment of VPN tunnels. The Host Identity Protocol, on the other hand, is more flexible: it allows peers to create authenticated secure channels at the network layer, so all upper-layer protocols can benefit from such channels.