Generating Unlinkable IPv6 Addresses (original) (raw)
Related papers
IPv6 Stateless Address Autoconfiguration: Balancing between Security, Privacy and Usability
Lecture Notes in Computer Science, 2013
Included in the IPv6 suite is a method for devices to automatically configure their own addresses in a secure manner. This technique is called Cryptographically Generated Addresses (CGAs). CGA provides the ownership proof necessary for an IPv6 address without relying on any trust authority. However, the CGAs computation is very high, especially for a high security level defined by the security parameter (Sec). Therefore, the high cost of address generation may keep hosts that use a high Sec values from changing their addresses on a frequent basis. This results in hosts still being susceptible to privacy related attacks. This paper proposes modifications to the standard CGA to make it more applicable security approach while protecting user privacy. We make CGA more privacy-conscious by changing addresses over time which protects users from being tracked. We propose to reduce the CGA granularity of the security level from 16 to 8. We believe that an 8 granularity is more feasible for use in most applications and scenarios. These extensions to the standard CGA are implemented and evaluated.
Address Autoconfiguration in IPv6 Networks: Challenges and Countermeasures
International Journal of Recent Technology and Engineering (IJRTE), 2019
The demand for internet and its applications has eventually led to the depletion of the dominant IPv4 addresses. This has resulted in the inevitable need for the next generation Internet Protocol IPv6, which contains an enormous pool of IP addresses. Address Autoconfiguration, a remarkable feature of IPv6 enables a node connected in the network to automatically configure an IP address for its interface and instantly participate in network communications. The Internet Engineering Task Force (IETF) has classified autoconfiguration into Stateless and Stateful mechanisms. Several IPv6 protocols have been employed to achieve autoconfiguration of networks. However, in addition to the excellent competence of this feature, autoconfiguration certainly suffers in terms of security and optimization. This paper attempts to enlighten the need and merits of Address Autoconfiguration and finally highlights the challenges, open issues and countermeasures involved in achieving this in real time envi...
Design and Implementation of Ipv6 Address Using Cryptographically Generated Address Method
There is always a tradeoff between privacy and the desired level of security for any internet user in the contemporary cyber world. Cyber security, of late, is paramount and its breach could lead to untoward consequences, at times, disastrous. The advent of the IPv6 provides a hope to resolve this tradeoff satisfactorily. Included in the IPV6 suite is a method for devices to automatically configure their own addresses in a secure manner. This technique is called Cryptographically Generated Addresses (CGAs). CGA provides the ownership proof necessary for an IPv6 address without relying on any trust authority. However, the computation involved in CGAs is very high, especially for a high security level defined by the security parameter (Sec). The sheer cost involved here may pose to be an inhibiting factor for any user to continue with this security regime and may tempt her not to change her address on a frequent basis. Thus, the way forward could be to modify the standard CGA to make it more applicable across applications and scenarios and at the same time not to let it compromise with the optimum security level. We propose to reduce the CGA granularity of the security level from 16 to 8, which make it more feasible for use in most applications and scenarios. And the privacy part is taken care of by changing addresses over time which protects users from being tracked. Here, we strive to implement and evaluate these extensions to the standard CGA.
IPv6 Cryptographically Generated Address: Analysis, Optimization and Protection
Computers, Materials & Continua
In networking, one major difficulty that nodes suffer from is the need for their addresses to be generated and verified without relying on a third party or public authorized servers. To resolve this issue, the use of selfcertifying addresses have become a highly popular and standardized method, of which Cryptographically Generated Addresses (CGA) is a prime example. CGA was primarily designed to deter the theft of IPv6 addresses by binding the generated address to a public key to prove address ownership. Even though the CGA technique is highly effective, this method is still subject to several vulnerabilities with respect to security, in addition to certain limitations in its performance. In this study, the authors present an intensive systematic review of the literature to explore the technical specifications of CGA, its challenges, and existing proposals to enhance the protocol. Given that CGA generation is a time-consuming process, this limitation has hampered the application of CGA in mobile environments where nodes have limited energy and storage. Fulfilling Hash2 conditions in CGA is the heaviest and most timeconsuming part of SEND. To improve the performance of CGA, we replaced the Secure Hash Algorithm (SHA1) with the Message Digest (MD5) hash function. Furthermore, this study also analyzes the possible methods through which a CGA could be attacked. In conducting this analysis, Denial-of-Service (DoS) attacks were identified as the main method of attack toward the CGA verification process, which compromise and threaten the privacy of CGA. Therefore, we propose some modifications to the CGA standard verification algorithm to mitigate DoS attacks and to make CGA more security conscious.
Privacy Extensions for Stateless Address Autoconfiguration in IPv6 Status of this Memo
2001
Nodes use IPv6 stateless address autoconfiguration to generate addresses without the necessity of a Dynamic Host Configuration Protocol (DHCP) server. Addresses are formed by combining network prefixes with an interface identifier. On interfaces that contain embedded IEEE Identifiers, the interface identifier is typically derived from it. On other interface types, the interface identifier is generated through other means, for example,
Randomness Test of Cryptographic One-to-many Reversible Mapping for IPv6 Address Generation
This paper presents simulation results on randomness test of a cryptographic one-to-many reversible mapping between user space and the IPv6 address space. A one-to-many reversible mapping mechanism is developed which may be embedded into a DHCPv6 (Dynamic Host Configuration Protocol for IPv6) server in the stateful mode within an enterprise local area network (LAN). Each time a user accesses the network, the DHCPv6 server is able to assign a dynamic IPv6 address. The dynamic address (obtained through one-to-many mapping) is to protect the user from unwanted behavior analysis exploiting IPv6 addresses, thus protecting user privacy. However, the dynamic address can be uniquely linked to the user (through many-to-one reversible mapping) if the need arises. The randomness of the dynamic address (one-to-many mapping) for IPv6 address assignment is evaluated based on uniformity using monobit (frequency) test, and avalanche effect is evaluated using Hamming distance tests. Simulation resul...
IPv6: Now You See Me, Now You Don't
ICN 2011, The Tenth …, 2011
Current implementations of the Internet Protocol version 6 (IPv6) use stateless address auto configuration (SLAAC) to assign network addresses to hosts. This technique produces a static value determined from the Media Access Control (MAC) address as the host portion, or interface identifier (IID), of the IPv6 address. Some implementations create the IID using the MAC unobscured, while others compute a onetime hash value involving the MAC. As a result, the IID of the address remains the same, regardless of the network the node accesses. This IID assignment provides third parties (whether malicious or not) with the ability to track a node's physical location by using simple tools such as ping and traceroute. Additionally, the static IID provides a means to correlate network traffic with a specific user through simple traffic analysis. We examine the techniques used to create autoconfigured addresses. We also discuss how these techniques violate a user's privacy. The serious breaches in privacy caused by SLAAC need to be addressed before deployment of IPv6 becomes widespread. To that end, we provide a detailed taxonomy of different methods for obscuring IPv6 autoconfigured IIDs.
This paper proposes a new security method for protecting signalling for Domain Name System (DNS) architecture. That is, it makes secure DNS update messages for binding a Fully Qualified Domain Name (FQDN) of an IPv6 node and the IPv6 address of the node owning this FQDN. This method is based on the use of Cryptographically Generated Addresses (CGA) and IDBased Cryptography (IBC). Combination of these two techniques allows DNS server to check the ownership of the IPv6 address and the FQDN, sent by the DNS client. In addition, this paper describes how this method has been implemented.
Cryptographically Protected Prefixes for Location Privacy in IPv6
Lecture Notes in Computer Science, 2005
There is a growing concern with preventing unauthorized agents from discovering the geographical location of Internet users, a kind of security called location privacy. The typical deployments of IPv6 in mobile networks allow a correspondent host and any passive eavesdroppers to infer the user's rough geographical location from the IPv6 address. We present a scheme called Cryptographically Protected Prefixes (CPP), to address this problem at the level of IPv6 addressing and forwarding. CPP randomizes the address space of a defined topological region (privacy domain), thereby making it infeasible to infer location information from an IP address. We present an adversary model and show that CPP is secure within the model. We have implemented CPP as a pre-processing step within the forwarding algorithm in the FreeBSD 4.8 kernel. Our performance testing indicates that CPP pre-processing results in a 40-50 percent overhead for packet forwarding in privacy domain routers. The additional end to end per packet delay is roughly 20 to 60 microseconds. Finally, we present an example showing how CPP can be combined with an encrypting border router to give enhanced protection against compromised routers, maintain limited state on routers, and provide intradomain location privacy in an incremental deployment. also compare it with some of the other approaches. In Section 8, we draw some conclusions. Appendix A describes CPP forwarding in more detail. In appendix B, we present an extension to CPP for enhanced router security (ERS). This extension gives additional protection against router compromises. We present an example integrating this approach into a Mobile IPv6 framework.