Host Identity Protocol

The Host Identity Protocol (HIP) is a host identification technology for use on Internet Protocol (IP) networks, such as the Internet. The Internet has two main name spaces, IP addresses and the Domain Name System. HIP separates the end-point identifier and locator roles of IP addresses. It introduces a Host Identity (HI) name space, based on a public key security infrastructure. The Host Identity Protocol provides secure methods for IP multihoming and mobile computing.

In networks that implement the Host Identity Protocol, all occurrences of IP addresses in applications are eliminated and replaced with cryptographic host identifiers. The cryptographic keys are typically, but not necessarily, self-generated. The effect of eliminating IP addresses in application and transport layers is a decoupling of the transport layer from the internetworking layer (Internet Layer) in TCP/IP (RFC 4423, "Host Identity Protocol (HIP) Architecture", Section 4.1).

HIP was specified in the IETF HIP working group. An Internet Research Task Force (IRTF) HIP research group looks at the broader impacts of HIP. The working group is chartered to produce Requests for Comments on the "Experimental" track, but it is understood that their quality and security properties should match the standards track requirements. The main reason for producing Experimental documents instead of standards track ones is the unknown effects that the mechanisms may have on applications and on the Internet at large.


Version 2

Host Identity Protocol version 2 (HIPv2) is an update to the protocol that enhances security and support for mobile environments. HIP continues to separate the roles of identification and location in IP addressing by implementing a host identity namespace based on cryptography. This version introduces new features that allow devices to connect more securely and efficiently, even in scenarios involving mobility and multihoming (connecting to multiple networks).


Enhanced security

HIPv2 strengthens device authentication security and provides protection against spoofing and denial-of-service (DoS) attacks. Host Identifiers (HIs) are generated with cryptographic keys, giving each device a unique identity. The protocol also uses the Encapsulating Security Payload (ESP) format for encrypting data, which ensures the integrity and confidentiality of communications.


Mobility and multihoming

HIPv2's design enables devices to change networks without losing the session, a crucial advantage for mobile and IoT applications. This capability to switch networks seamlessly makes HIPv2 well-suited for devices that require constant and reliable connectivity, such as mobile phones and IoT sensors. Additionally, HIPv2 facilitates multihoming, allowing simultaneous connections to multiple networks, which improves connection resilience and availability.
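
The identifier/locator split and the mobility behaviour described above can be modelled directly. The following Python model is an added example, not code from the RFCs or from any HIP implementation. Its assumptions: `host_identifier` uses a truncated SHA-256 hash as a simplified stand-in for HIP's identifier derivation, locator updates are authenticated with an HMAC under a session key assumed to be shared at setup, and every name, key and address in it is constructed.

```python
import hashlib
import hmac
import os

def host_identifier(public_key: bytes) -> str:
    # Simplified stand-in (assumption): truncated SHA-256 of the public key.
    return hashlib.sha256(public_key).hexdigest()[:32]

class Association:
    """Session state keyed by host identifiers, never by IP address."""

    def __init__(self, local_id, peer_id, peer_locator, session_key):
        self.local_id, self.peer_id = local_id, peer_id
        self.peer_locators = {peer_locator}  # a set, so multihoming fits
        self.session_key = session_key       # assumed shared at setup
        self.last_seq = 0

    def _tag(self, seq, locator):
        msg = f"{self.peer_id}|{seq}|{locator}".encode()
        return hmac.new(self.session_key, msg, hashlib.sha256).digest()

    def sign_update(self, seq, locator):
        # Peer's side of the exchange, modelled on the same object.
        return seq, locator, self._tag(seq, locator)

    def apply_update(self, seq, locator, tag, replace=True):
        # Accept a locator change only if it is fresh and authenticated.
        if seq <= self.last_seq:
            return False                     # replayed or stale
        if not hmac.compare_digest(tag, self._tag(seq, locator)):
            return False                     # sender lacks the session key
        self.last_seq = seq
        self.peer_locators = {locator} if replace else self.peer_locators | {locator}
        return True

def demo():
    key = os.urandom(32)                     # constructed session key
    a = host_identifier(b"constructed-public-key-A")
    b = host_identifier(b"constructed-public-key-B")
    assoc = Association(a, b, "192.0.2.10", key)
    sessions = {(a, b): assoc}               # lookup uses identifiers only
    moved = assoc.apply_update(*assoc.sign_update(1, "198.51.100.7"))
    spoofed = assoc.apply_update(2, "203.0.113.66", b"\x00" * 32)
    replayed = assoc.apply_update(*assoc.sign_update(1, "192.0.2.10"))
    added = assoc.apply_update(*assoc.sign_update(2, "2001:db8::7"), replace=False)
    return moved, spoofed, replayed, added, sorted(sessions[(a, b)].peer_locators)

if __name__ == "__main__":
    print(demo())
```

The session entry is found by the identifier pair throughout, so the move to a new address and the addition of a second locator leave it intact, while the unauthenticated and replayed updates are rejected.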


RFC references

* Host Identity Protocol (HIP) Architecture (early "informational" snapshot, obsoleted by RFC 9063)
* Host Identity Protocol base (obsoleted by RFC 7401)
* Using the Encapsulating Security Payload (ESP) Transport Format with the Host Identity Protocol (HIP) (obsoleted by RFC 7402)
* Host Identity Protocol (HIP) Registration Extension (obsoleted by RFC 8003)
* Host Identity Protocol (HIP) Rendezvous Extension (obsoleted by RFC 8004)
* Host Identity Protocol (HIP) Domain Name System (DNS) Extension (obsoleted by RFC 8005)
* End-Host Mobility and Multihoming with the Host Identity Protocol
* NAT and Firewall Traversal Issues of Host Identity Protocol (HIP) Communication
* Basic Requirements for IPv6 Customer Edge Routers
* Host identity protocol version 2 (HIPv2) (updated by RFC 8002)
* Using the Encapsulating Security Payload (ESP) transport format with the Host Identity Protocol (HIP)
* Host Identity Protocol Certificates
* Host Identity Protocol (HIP) Registration Extension
* Host Identity Protocol (HIP) Rendezvous Extension
* Host Identity Protocol (HIP) Domain Name System (DNS) Extension
* Host Mobility with the Host Identity Protocol
* Host Multihoming with the Host Identity Protocol
* Native NAT Traversal Mode for the Host Identity Protocol
* Host Identity Protocol Architecture


See also

* Identifier-Locator Network Protocol (ILNP)
* IPsec
* Locator/Identifier Separation Protocol (LISP)
* Mobile IP (MIP)
* Proxy Mobile IPv6 (PMIPv6)



External links


* IETF HIP working group
* OpenHIP project
* How HIP works - InfraHIP project archive
* HIP simulation framework for OMNeT++