Bootstrapping Accountability and Privacy to IPv6 Internet without Starting from Scratch

Accountability and privacy are considered valuable but conflicting properties in the Internet, which at present does not provide native support for either. Past efforts to balance accountability and privacy in the Internet suffer from unsatisfactory deployability because they introduce new communication identifiers and require large-scale modifications to fully deployed infrastructures and protocols. IPv6 is being deployed around the world, and this trend will accelerate. In this paper, we propose PAVI, a private and accountable scheme based on IPv6 that seeks to bootstrap accountability and privacy into the IPv6 Internet without introducing new communication identifiers or large-scale modifications to the deployed base. A dedicated quantitative analysis shows that PAVI achieves satisfactory levels of accountability and privacy. Evaluation of a PAVI prototype shows that it incurs little performance overhead and is widely deployable.
