论文信息 - IPv6: Now You See Me, Now You Don't

IPv6: Now You See Me, Now You Don't

Current implementations of the Internet Protocol version 6 (IPv6) use stateless address auto configuration (SLAAC) to assign network addresses to hosts. This technique produces a static value determined from the Media Access Control (MAC) address as the host portion, or interface identifier (IID), of the IPv6 address. Some implementations create the IID using the MAC unobscured, while others compute a onetime hash value involving the MAC. As a result, the IID of the address remains the same, regardless of the network the node accesses. This IID assignment provides third parties (whether malicious or not) with the ability to track a node's physical location by using simple tools such as ping and traceroute. Additionally, the static IID provides a means to correlate network traffic with a specific user through simple traffic analysis. We examine the techniques used to create autoconfigured addresses. We also discuss how these techniques violate a user's privacy. The serious breaches in privacy caused by SLAAC need to be addressed before deployment of IPv6 becomes widespread. To that end, we provide a detailed taxonomy of different methods for obscuring IPv6 autoconfigured IIDs. Index Terms—IPv6 addressing, privacy protection

Joseph G. Tront | Stephen Groat | Matthew Dunlop | Randy Marchany

[1] Randall J. Atkinson,et al. IP Encapsulating Security Payload (ESP) , 1995, RFC.

[2] Abdur Rahim Choudhary. In-depth analysis of IPv6 security posture , 2009, 2009 5th International Conference on Collaborative Computing: Networking, Applications and Worksharing.

[3] Thomas Narten,et al. Privacy Extensions for Stateless Address Autoconfiguration in IPv6 , 2001, RFC.

[4] Jianying Zhou,et al. Protocol for hiding movement of mobile nodes in mobile IPv6 , 2005, VTC-2005-Fall. 2005 IEEE 62nd Vehicular Technology Conference, 2005..

[5] Tuomas Aura,et al. Cryptographically Generated Addresses (CGA) , 2005, ISC.

[6] Stephen E. Deering,et al. IP Version 6 Addressing Architecture , 1995, RFC.

[7] Gabriel Montenegro,et al. A Simple Privacy Extension for Mobile IPV6 , 2004, MWCN.

[8] William Stallings,et al. Cryptography and network security (2nd ed.): principles and practice , 1998 .

[9] Thomas Narten,et al. Neighbor Discovery for IP Version 6 (IPv6) , 1996, RFC.

[10] Perry Metzger,et al. Encapsulating Security Payload (ESP) , 1995 .

[11] Randall J. Atkinson,et al. Security Architecture for the Internet Protocol , 1995, RFC.

[12] Rajeev Koodli,et al. IP Address Location Privacy and Mobile IPv6: Problem Statement , 2007, RFC.

[13] Pekka Nikander,et al. SEcure Neighbor Discovery (SEND) , 2005, RFC.