DMU

Figure 4-10. Mobile IP With DMU

Dynamic mobile-IP key update (DMU) allows mobile stations to generate new keys and share them securely with the network. DMU testing is available as a software option on the MIP-5850.

The start of a DMU call looks like the start of a normal mobile IP call. However, instead of returning a registration-accept message, the network returns a DMU key-request message, which is a registration-reply with code 89 and a DMU extension of type 1. The mobile generates a set of keys and produces a DMU key-data message, which is a registration-request with a DMU extension of type 2. The network then decrypts this message and returns either an AAA-authenticator message (type 3) to prove that it could decrypt the key data or a public-key-invalid message (type 4) if the decryption failed. If DMU succeeds, then the mobile registers normally afterward.
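As an added example (not code from the MIP-5850 or its documentation), the sketch below checks a decoded message trace against the exchange described above and reports the outcome or the first deviation. The `Msg` record, the state names and the sample traces are constructed for illustration; only reply code 89 and DMU extension types 1 to 4 come from the text.

```python
from typing import NamedTuple, Optional

CODE_KEY_REQUEST = 89  # reply code carried by the DMU key-request (from the text)
KEY_REQUEST, KEY_DATA, AAA_AUTH, PUBKEY_INVALID = 1, 2, 3, 4  # DMU extension types

class Msg(NamedTuple):          # hypothetical decoded-message record
    kind: str                   # "RRQ" = registration-request, "RRP" = registration-reply
    dmu: Optional[int] = None   # DMU extension type, None when absent
    code: Optional[int] = None  # reply code (RRP only)

# state -> {(message kind, DMU type): next state, or "DONE:<verdict>"}
STEPS = {
    "start":          {("RRQ", None): "await_reply"},
    "await_reply":    {("RRP", KEY_REQUEST): "await_key_data",
                       ("RRP", None): "DONE:no_dmu"},
    "await_key_data": {("RRQ", KEY_DATA): "await_verdict"},
    "await_verdict":  {("RRP", AAA_AUTH): "await_rereg",
                       ("RRP", PUBKEY_INVALID): "DONE:public_key_invalid"},
    "await_rereg":    {("RRQ", None): "await_accept"},
    "await_accept":   {("RRP", None): "DONE:dmu_success"},
}

def classify(trace):
    """Return the outcome of a decoded trace, or the first deviation found."""
    state = "start"
    for i, m in enumerate(trace):
        nxt = STEPS[state].get((m.kind, m.dmu))
        if nxt is None:
            return f"violation at message {i} in state {state}"
        if m.dmu == KEY_REQUEST and m.code != CODE_KEY_REQUEST:
            return f"violation at message {i}: key-request without code {CODE_KEY_REQUEST}"
        if nxt.startswith("DONE:"):
            return nxt[5:]
        state = nxt
    return f"incomplete in state {state}"

# Constructed traces, not captures from a real device.
GOOD = [Msg("RRQ"), Msg("RRP", KEY_REQUEST, 89), Msg("RRQ", KEY_DATA),
        Msg("RRP", AAA_AUTH), Msg("RRQ"), Msg("RRP")]
BAD_KEY = GOOD[:3] + [Msg("RRP", PUBKEY_INVALID)]
# Network replies without the type 3 proof that it decrypted the key data.
SKIPPED_PROOF = GOOD[:3] + [Msg("RRP")]

if __name__ == "__main__":
    for name, t in [("good", GOOD), ("bad key", BAD_KEY), ("skipped proof", SKIPPED_PROOF)]:
        print(name, "->", classify(t))
```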