Host Identity Protocol
The Host Identity Protocol (HIP) is a host identification technology for use on Internet Protocol (IP) networks, such as the Internet. The Internet has two main name spaces, IP addresses and the Domain Name System. HIP separates the end-point identifier and locator roles of IP addresses. It introduces a Host Identity (HI) name space, based on a public key security infrastructure.
The Host Identity Protocol provides secure methods for IP multihoming and mobile computing.
In networks that implement the Host Identity Protocol, all occurrences of IP addresses in applications are eliminated and replaced with cryptographic host identifiers. The cryptographic keys are typically, but not necessarily, self-generated.
The effect of eliminating IP addresses in application and transport layers is a decoupling of the transport layer from the internetworking layer (Internet Layer) in TCP/IP (RFC 4423, Host Identity Protocol (HIP) Architecture, Section 4.1).
HIP was specified in the IETF HIP working group. An Internet Research Task Force (IRTF) HIP research group looks at the broader impacts of HIP.
The working group is chartered to produce Requests for Comments on the "Experimental" track, but it is understood that their quality and security properties should match the standards track requirements. The main reason for producing Experimental documents instead of standards track ones is the unknown effects that the mechanisms may have on applications and on the Internet at large.
Version 2
Host Identity Protocol version 2 (HIPv2), also known as HIP version 2, is an update to the protocol that enhances security and support for mobile environments. HIP continues to separate the roles of identification and location in IP addressing by implementing a host identity namespace based on cryptography. This version introduces new features that allow devices to connect more securely and efficiently, even in scenarios involving mobility and multihoming (connecting to multiple networks).
Enhanced security
HIPv2 strengthens device authentication security and provides protection against spoofing and denial-of-service (DoS) attacks. Host Identifiers (HIs) are generated with cryptographic keys, giving each device a unique identity. The protocol also uses the Encapsulating Security Payload (ESP) format for encrypting data, which ensures the integrity and confidentiality of communications.
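The cryptographic host identifiers described above can be derived and checked as in the following added example, which is not code from this article or from any HIP implementation. It follows the ORCHIDv2 construction (RFC 7343) that HIPv2 (RFC 7401) uses to turn a Host Identity into a 128-bit Host Identity Tag (HIT); the function names are the example's own and the key bytes are constructed placeholders, not real encoded public keys.

```python
import hashlib
import hmac
import ipaddress

# Protocol constants: HIP Context ID (RFC 7401) and ORCHIDv2 prefix (RFC 7343).
HIP_CONTEXT_ID = bytes.fromhex("F0EFF02FBFF43D0FE7930C3C6E6174EA")
ORCHID_PREFIX = ipaddress.ip_network("2001:20::/28")
# 4-bit OGA ID (HIT suite) -> hash function, per RFC 7401.
OGA_HASH = {1: hashlib.sha256, 2: hashlib.sha384, 3: hashlib.sha1}

# Constructed stand-ins for two hosts' encoded public keys (not real keys).
ALICE_HI = bytes(range(32))
MALLORY_HI = bytes(range(1, 33))


def derive_hit(host_identity: bytes, oga_id: int = 1) -> ipaddress.IPv6Address:
    """ORCHID := Prefix | OGA ID | Encode_96(Hash(Context ID | Host Identity))."""
    digest = OGA_HASH[oga_id](HIP_CONTEXT_ID + host_identity).digest()
    start = (len(digest) - 12) // 2  # Encode_96 keeps the middle 96 bits
    head = (int(ORCHID_PREFIX.network_address) >> 96) | oga_id
    return ipaddress.IPv6Address(head.to_bytes(4, "big") + digest[start:start + 12])


def hit_matches_identity(claimed_hit: str, host_identity: bytes) -> bool:
    """Receiver-side check: does the presented key really hash to this identifier?"""
    try:
        hit = ipaddress.IPv6Address(claimed_hit)
    except ValueError:
        return False
    if hit not in ORCHID_PREFIX:
        return False  # an ordinary IPv6 address, not a host identifier
    oga_id = hit.packed[3] & 0x0F
    if oga_id not in OGA_HASH:
        return False  # unknown or reserved hash suite
    expected = derive_hit(host_identity, oga_id)
    return hmac.compare_digest(hit.packed, expected.packed)


if __name__ == "__main__":
    hit = derive_hit(ALICE_HI)
    print("HIT:", hit)
    print("owner key accepted:", hit_matches_identity(str(hit), ALICE_HI))
    print("other key rejected:", not hit_matches_identity(str(hit), MALLORY_HI))
```

A matching hash only binds the identifier to a public key; the peer must still prove possession of the corresponding private key, which HIP does with signatures during its handshake.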
Mobility and multihoming
HIPv2's design enables devices to change networks without losing the session, a crucial advantage for mobile and IoT applications. This capability to switch networks seamlessly makes HIPv2 well-suited for devices that require constant and reliable connectivity, such as mobile phones and IoT sensors. Additionally, HIPv2 facilitates multihoming, allowing simultaneous connections to multiple networks, which improves connection resilience and availability.
RFC references
- {{IETF RFC|4423}} - Host Identity Protocol (HIP) Architecture (early "informational" snapshot, obsoleted by RFC 9063)
- {{IETF RFC|5201}} - Host Identity Protocol base (obsoleted by RFC 7401)
- {{IETF RFC|5202}} - Using the Encapsulating Security Payload (ESP) Transport Format with the Host Identity Protocol (HIP) (obsoleted by RFC 7402)
- {{IETF RFC|5203}} - Host Identity Protocol (HIP) Registration Extension (obsoleted by RFC 8003)
- {{IETF RFC|5204}} - Host Identity Protocol (HIP) Rendezvous Extension (obsoleted by RFC 8004)
- {{IETF RFC|5205}} - Host Identity Protocol (HIP) Domain Name System (DNS) Extension (obsoleted by RFC 8005)
- {{IETF RFC|5206}} - End-Host Mobility and Multihoming with the Host Identity Protocol
- {{IETF RFC|5207}} - NAT and Firewall Traversal Issues of Host Identity Protocol (HIP) Communication
- {{IETF RFC|6092}} - Basic Requirements for IPv6 Customer Edge Routers
- {{IETF RFC|7401}} - Host Identity Protocol Version 2 (HIPv2) (updated by RFC 8002)
- {{IETF RFC|7402}} - Using the Encapsulating Security Payload (ESP) Transport Format with the Host Identity Protocol (HIP)
- {{IETF RFC|8002}} - Host Identity Protocol Certificates
- {{IETF RFC|8003}} - Host Identity Protocol (HIP) Registration Extension
- {{IETF RFC|8004}} - Host Identity Protocol (HIP) Rendezvous Extension
- {{IETF RFC|8005}} - Host Identity Protocol (HIP) Domain Name System (DNS) Extension
- {{IETF RFC|8046}} - Host Mobility with the Host Identity Protocol
- {{IETF RFC|8047}} - Host Multihoming with the Host Identity Protocol
- {{IETF RFC|9028}} - Native NAT Traversal Mode for the Host Identity Protocol
- {{IETF RFC|9063}} - Host Identity Protocol Architecture
See also
- Identifier-Locator Network Protocol (ILNP)
- IPsec
- Locator/Identifier Separation Protocol (LISP)
- Mobile IP (MIP)
- Proxy Mobile IPv6 (PMIPv6)
External links
- [https://datatracker.ietf.org/wg/hip/about/ IETF HIP working group]
- [https://www.irtf.org/concluded/hiprg.html IRTF HIP research group]
- [https://openhip.sourceforge.net/ OpenHIP project]
- [http://mkomu.kapsi.fi/hipl/index.php?index=how How HIP works - InfraHIP project archive]
- [http://www.ict-optimix.eu/index.php/HIPSim HIP simulation framework for OMNeT++]. {{Webarchive|url=https://web.archive.org/web/20190628063431/www.ict-optimix.eu/index.php/HIPSim|date=June 2018}}