A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : A Simple Secure Addressing Generation Scheme for IPv6 AutoConfiguration (SSAS)
Author(s) : Hosnieh Rafiee
Christoph Meinel
Filename : draft-rafiee-6man-ssas-00.txt
Pages : 13
Date : 2013-01-02
Abstract:
The default method for IPv6 address generation uses two unique
manufacturer IDs that are assigned by the IEEE Standards Association
[1] (section 2.5.1 RFC-4291) [RFC4291]. This means that a node will
always have the same Interface ID (IID) whenever it connects to a new
network. Because the node's IP address does not change, the node is
vulnerable to privacy related attacks. To address this issue, there
are currently two mechanisms in use to randomize the IID,
Cryptographically Generated Addresses (CGA) [RFC3972] and Privacy
Extension [RFC4941]. The problem with the former approach is the
computational cost involved for the IID generation. The problem with
the latter approach is that it lacks security. This document offers a
new algorithm for use in the generation of the IID while, at the same
time, securing the node against some types of attack, such as IP
spoofing. These attacks are prevented with the addition of a
signature to the Neighbor Discovery messages (NDP).
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-rafiee-6man-ssas
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-rafiee-6man-ssas-00
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
