Browse Prior Art Database

Host Identity Protocol Version 2 (HIPv2) (RFC7401) Disclosure Number: IPCOM000241261D
Original Publication Date: 2015-Apr-01
Included in the Prior Art Database: 2015-Apr-10

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

R. Moskowitz: AUTHOR [+5]


This document specifies the details of the Host Identity Protocol (HIP). A high-level description of the protocol and the underlying architectural thinking is available in the separate HIP architecture description [HIP-ARCH]. Briefly, the HIP architecture proposes an alternative to the dual use of IP addresses as "locators" (routing labels) and "identifiers" (endpoint, or host, identifiers). In HIP, public cryptographic keys, of a public/private key pair, are used as host identifiers, to which higher-layer protocols are bound instead of an IP address. By using public keys (and their representations) as host identifiers, dynamic changes to IP address sets can be directly authenticated between hosts, and if desired, strong authentication between hosts at the TCP/IP stack level can be obtained.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 1% of the total text.

Internet Engineering Task Force (IETF)                 R. Moskowitz, Ed. Request for Comments: 7401                                HTT Consulting Obsoletes: 5201                                                  T. Heer Category: Standards Track              Hirschmann Automation and Control ISSN: 2070-1721                                                P. Jokela                                             Ericsson Research NomadicLab                                                             T. Henderson                                                 University of Washington                                                               April 2015

                 Host Identity Protocol Version 2 (HIPv2)


   This document specifies the details of the Host Identity Protocol    (HIP).  HIP allows consenting hosts to securely establish and    maintain shared IP-layer state, allowing separation of the identifier    and locator roles of IP addresses, thereby enabling continuity of    communications across IP address changes.  HIP is based on a Diffie-    Hellman key exchange, using public key identifiers from a new Host    Identity namespace for mutual peer authentication.  The protocol is    designed to be resistant to denial-of-service (DoS) and man-in-the-    middle (MitM) attacks.  When used together with another suitable    security protocol, such as the Encapsulating Security Payload (ESP),    it provides integrity protection and optional encryption for upper-    layer protocols, such as TCP and UDP.

   This document obsoletes RFC 5201 and addresses the concerns raised by    the IESG, particularly that of crypto agility.  It also incorporates    lessons learned from the implementations of RFC 5201.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force    (IETF).  It represents the consensus of the IETF community.  It has    received public review and has been approved for publication by the    Internet Engineering Steering Group (IESG).  Further information on    Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at

 Moskowitz, et al.            Standards Track                    [Page 1]
 RFC 7401                          HIPv2                      ...