
A Study on the Security of Route Optimization in Mobile IPv6 Networks

Security of Route Optimization in Mobile IPv6 Networks

Advisor: Yen-Cheng Chen

Abstract (translated from Chinese)


Today many wireless applications and mobile communication services are delivered over IP networks. This has greatly increased the number of mobile users, but it has also brought problems of IP address shortage and mobility support. The IETF therefore defined mobility support for IPv6 networks in detail, called Mobile IPv6, which allows a mobile user to move freely within the IPv6 network while remaining connected. When a mobile user moves to a different network, it can still communicate through packets forwarded by its home network. However, the correspondent is unaware of the mobile user's movement and keeps sending packets to the user's home network, which tunnels them to the mobile user's current address; this indirect delivery is called triangular routing. Triangular routing provides mobility but greatly increases the communication latency between nodes. To avoid the problems caused by triangular routing, the IETF uses binding update messages so that nodes can communicate directly, a method called route optimization. To ensure the integrity of binding update messages, the return routability procedure was adopted to counter the threats that may arise during the binding update process. However, the return routability procedure is itself subject to many attacks. In this thesis we therefore introduce two different IPv6 authentication environments and propose two mechanisms for securing binding update messages in each. Environment one is an infrastructureless architecture with no trusted third party or certificate authority; exploiting statelessness, lightweight computation and CGA, we propose two protocols, one based on Diffie-Hellman key agreement and one on geometric computation. Environment two is an infrastructure-based architecture in which a trusted third party and AAA servers exist in each network domain; according to different privacy requirements, we propose pairing-based identity-based multi-signature and encryption mechanisms across multiple PKGs to ensure the non-repudiation and confidentiality of binding update messages.

Abstract (English)


Many wireless applications and mobile communication services are provided through IP networks. This brings increased popularity of mobile users, but also introduces the problems of IP address shortage and the demand for mobility support in IP networks. Therefore, the IETF defined mobility support in IPv6, i.e. MIPv6, to allow nodes to remain reachable while moving around the IPv6 internet. When a node moves and visits a foreign network, it is still reachable through indirect packet forwarding from its home network. This triangular routing provides node mobility but increases the communication latency between nodes. In order to eliminate triangular routing, the IETF proposed a binding update (BU) scheme, which enables nodes to communicate directly. This process of enabling direct packet delivery is called Route Optimization. To protect the security of BU messages, a Return Routability (RR) procedure was proposed. However, RR was found to be vulnerable to many attacks. In this thesis, we consider two different Mobile IPv6 authentication architectures and propose two schemes for securing Binding Update messages for each architecture. In the infrastructureless environment, neither a trusted third party nor a certificate authority exists. We adopt the CGA (Cryptographically Generated Address) scheme to propose two solutions, based on Diffie-Hellman key agreement and on geometric computation respectively. In the infrastructure environment, there exists a trusted third-party Certificate Authority (CA) and different AAA servers, which also act as PKGs (private key generators), distributed across different network domains. According to distinct privacy requirements, we present two secure BU schemes, adopting ID-based multi-signature and ID-based encryption respectively across multiple PKGs.
