MobileIP is essentially a host routing protocol, designed to modify the normal routing for a specific host. Since it changes the usual way of sending a datagram to a host, MobileIP could be an opportunity to create new passive or active attacks, denial of service or more generally security threats [Mankin, 2001].
The binding update, which informs a correspondent node of the new care-of-address, is implicitly authenticated by the correspondent node, verifying that it does not come from a rogue node. To authenticate the update, the correspondent node and the mobile node need to have a previously established security association. Since there is no global public-key infrastructure yet on the global Internet, the other way is to share a secret.
The interaction of the mobile node with its home agent includes the re-routing of the traffic addressed to the mobile node to another location, its visiting address. A weak or non-existent security association between the mobile node and its home agent would enable a rogue node to send binding updates to the home agent redirecting traffic destined for the mobile node to a rogue location. For this reason, IPsec ESP [RFC3776] in transport mode is used between the mobile node and its home agent to secure the MobileIPv6 control messages such as the binding update.
After a mobile node informs its correspondents of its new IP address, ...