论文信息 - The privacy implications of stateless IPv6 addressing

The privacy implications of stateless IPv6 addressing

Current implementations of the Internet Protocol version 6 (IPv6) use a static value determined from the Media Access Control (MAC) address as the host portion, or interface identifier (IID), of the IPv6 address. Some implementations create the IID using the MAC unobscured, while others compute a onetime hash value involving the MAC. As a result of this deterministic address assignment, the IID of the address is the same, regardless of the network the node accesses. This IID assignment provides interested parties (whether malicious or not) with the ability to easily track a node's physical location using simple tools such as ping and traceroute. Additionally, a static IID provides a means to correlate network traffic with a specific user. This is accomplished through a combination of filtering of the static IID and traffic analysis. The serious breaches in privacy caused by a static IID should be addressed before deployment of IPv6 becomes widespread.

Joseph G. Tront | Randy C. Marchany | Stephen Groat | Matthew Dunlop

[1] Thomas Narten,et al. Neighbor Discovery for IP Version 6 (IPv6) , 1996, RFC.

[2] Jianying Zhou,et al. Protocol for hiding movement of mobile nodes in mobile IPv6 , 2005, VTC-2005-Fall. 2005 IEEE 62nd Vehicular Technology Conference, 2005..

[3] Stephen E. Deering,et al. IP Version 6 Addressing Architecture , 1995, RFC.

[4] Gabriel Montenegro,et al. A Simple Privacy Extension for Mobile IPV6 , 2004, MWCN.

[5] George Lawton,et al. Is IPv6 Finally Gaining Ground? , 2001, Computer.

[6] Marcelo Bagnulo,et al. Cryptographically Generated Addresses (CGA) Extension Field Format , 2006, RFC.

[7] Colin O'Flynn,et al. Making sensor networks IPv6 ready , 2008, SenSys '08.

[8] Thomas Narten,et al. Privacy Extensions for Stateless Address Autoconfiguration in IPv6 , 2001, RFC.

[9] Stephen T. Kent,et al. Security Architecture for the Internet Protocol , 1998, RFC.

[10] Pekka Nikander,et al. SEcure Neighbor Discovery (SEND) , 2005, RFC.

[11] Rajeev Koodli,et al. IP Address Location Privacy and Mobile IPv6: Problem Statement , 2007, RFC.

[12] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[13] Wassim Haddad,et al. Privacy for Mobile and Multi-homed Nodes: Problem Statement , 2006 .