
Securing IPv6 Neighbor Discovery

Posted on: 2006-12-07
Degree: Master
Type: Thesis
Country: China
Candidate: R Li
GTID: 2168360155974184
Subject: Computer applications

Abstract/Summary:
Neighbor Discovery is a core part of the IPv6 protocol suite and is specified in RFC 2461. The Neighbor Discovery Protocol (NDP) is used by IPv6 nodes to discover other nodes on the link, to determine their link-layer addresses, to find routers, and to maintain reachability information about the paths to active neighbors. When the Neighbor Discovery functions were defined, it was assumed that the nodes on a local link would trust each other. With the growth of public wireless networks this situation has changed radically: nodes on a local link can no longer trust each other and must remain mutually suspicious even after they have completed an authentication. A malicious node on a local link gives rise to a large number of new security threats, such as denial-of-service (DoS) attacks. Authenticating a source address is difficult in IPv4 networks; the much larger address space of IPv6, however, makes it possible to authenticate a source address on the basis of the address itself.

In this thesis we describe a new cryptographic method, Cryptographically Generated Addresses (CGA), and discuss how it can be used to secure the Neighbor Discovery mechanisms. A CGA is an IPv6 address whose interface identifier is generated by computing a cryptographic one-way hash function over the public key of the address owner and a set of auxiliary parameters. The binding between the public key and the address can be verified by recomputing the hash value and comparing it with the interface identifier. Messages sent from a CGA can be protected by attaching the public key and the auxiliary parameters and by signing the message with the corresponding private key. The input parameters used to generate a new CGA consist of four parts: a Modifier, an EUI-64 address, a collision count, and the public key of the address owner.
To strengthen the cryptographic construction, a CGA carries a security parameter (Sec) that determines its resistance to brute-force attacks. Instead of binding the subnet prefix, this work binds the EUI-64 address into the input parameters, so that an attacker would have to precompute a separate table for each host rather than for each network. When the subnet prefix is bound, link-local addresses remain vulnerable because the same prefix is shared by all IPv6 nodes; using the EUI-64 address as an input parameter avoids this problem and, in addition, allows attacks, replay attacks in particular, to be prevented in a way that binding the network prefix cannot. The purpose of the Timestamp option is to ensure that unsolicited advertisements and redirects have not been replayed, and the purpose of the Nonce option is to ensure that an advertisement is a fresh response to a solicitation sent earlier by the same node. The protection works without a certification authority or other security infrastructure, and unlike the original NDP specification these mechanisms do not make use of IPsec.
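The CGA generation and verification steps described above, as an added worked example (this is not code from the thesis). It follows the RFC 3972 hash layout: Hash1 is the leftmost 64 bits of SHA-1 over the modifier, an 8-byte binding field, the collision count and the public key, and becomes the interface identifier with Sec written into its top three bits and the u/g bits cleared; Hash2 is the leftmost 112 bits of SHA-1 over the modifier, nine zero bytes and the public key, and must begin with 16*Sec zero bits, which is where the brute-force cost of Sec comes from. As the thesis proposes, the binding field carries the EUI-64 instead of the subnet prefix. The EUI-64, the public key bytes and the fixed modifier search start are constructed placeholders (a real implementation starts the search from a random modifier and uses a DER-encoded RSA key); the signature over ND messages and the Timestamp/Nonce options are not modelled here.

```python
"""Cryptographically Generated Addresses: generation and verification.

Added example for this page, not the thesis author's code.  Hash layout as in
RFC 3972; the 8-byte binding field carries the EUI-64 (the thesis's variant)
instead of the subnet prefix.  The public keys are constructed placeholders.
"""
import hashlib
import ipaddress

# Bit layout of the first interface-identifier byte (RFC 3972, section 4):
# bits 0-2 carry Sec, bits 6-7 (the u and g bits) are forced to zero.
SEC_MASK = 0b111 << 5
UG_MASK = 0b11
MAX_COLLISION_COUNT = 2      # RFC 3972: the collision count must be 0, 1 or 2


def _hash1(modifier: bytes, binding: bytes, collision: int, pubkey: bytes) -> bytes:
    """Hash1: leftmost 64 bits of SHA-1(modifier | binding | collision count | public key)."""
    return hashlib.sha1(modifier + binding + bytes([collision]) + pubkey).digest()[:8]


def _hash2(modifier: bytes, pubkey: bytes) -> bytes:
    """Hash2: leftmost 112 bits of SHA-1(modifier | 9 zero bytes | public key)."""
    return hashlib.sha1(modifier + b"\x00" * 9 + pubkey).digest()[:14]


def _leading_zero_bits(data: bytes) -> int:
    """Number of zero bits before the first one bit, counting from the left."""
    zeros = 0
    for byte in data:
        if byte:
            return zeros + 8 - byte.bit_length()
        zeros += 8
    return zeros


def generate_cga(binding: bytes, pubkey: bytes, sec: int,
                 collision: int = 0, start_modifier: int = 0) -> tuple:
    """Return (interface identifier, modifier) for the given binding and key.

    The modifier is searched upward from start_modifier until Hash2 starts
    with 16*Sec zero bits: the owner pays this cost once, an attacker pays it
    for every address they try to forge.  A fixed start keeps the example
    reproducible; real generators start from a random 128-bit modifier.
    """
    if not 0 <= sec <= 7 or len(binding) != 8 or not 0 <= collision <= MAX_COLLISION_COUNT:
        raise ValueError("bad CGA parameters")
    candidate = start_modifier
    while True:
        modifier = candidate.to_bytes(16, "big")
        if sec == 0 or _leading_zero_bits(_hash2(modifier, pubkey)) >= 16 * sec:
            break
        candidate += 1
    iid = bytearray(_hash1(modifier, binding, collision, pubkey))
    iid[0] = (iid[0] & ~(SEC_MASK | UG_MASK) & 0xFF) | (sec << 5)
    return bytes(iid), modifier


def verify_cga(iid: bytes, binding: bytes, modifier: bytes,
               collision: int, pubkey: bytes) -> bool:
    """Check that iid was generated from (modifier, binding, collision, pubkey).

    This is what a receiver does with the CGA parameters attached to an ND
    message before trusting its signature: a different key, a different
    EUI-64, or a modifier that does not meet the Sec requirement all fail.
    """
    if len(iid) != 8 or len(binding) != 8 or len(modifier) != 16:
        return False
    if not 0 <= collision <= MAX_COLLISION_COUNT:
        return False
    sec = iid[0] >> 5
    expected = bytearray(_hash1(modifier, binding, collision, pubkey))
    expected[0] &= ~(SEC_MASK | UG_MASK) & 0xFF
    claimed = bytearray(iid)
    claimed[0] &= ~(SEC_MASK | UG_MASK) & 0xFF
    if claimed != expected:
        return False
    return sec == 0 or _leading_zero_bits(_hash2(modifier, pubkey)) >= 16 * sec


def link_local_address(iid: bytes) -> str:
    """fe80::/64 plus the CGA interface identifier, as a textual IPv6 address."""
    return str(ipaddress.IPv6Address(bytes.fromhex("fe80000000000000") + iid))


# Constructed inputs (not real keys or hosts).
EUI64 = bytes.fromhex("021122fffe334455")   # EUI-64 form of MAC 00:11:22:33:44:55
PUBKEY = b"constructed placeholder for the DER-encoded RSA public key of host A"
ATTACKER_KEY = b"constructed placeholder for the DER-encoded RSA public key of an attacker"


if __name__ == "__main__":
    iid, modifier = generate_cga(EUI64, PUBKEY, sec=1)
    print("CGA:", link_local_address(iid), "modifier:", modifier.hex())
    print("owner verifies:   ", verify_cga(iid, EUI64, modifier, 0, PUBKEY))
    # An attacker who attaches their own key to the owner's address is rejected.
    print("attacker verifies:", verify_cga(iid, EUI64, modifier, 0, ATTACKER_KEY))
```

Because Hash2 does not include the binding or the collision count, one modifier found for a key serves all three collision counts and, in the thesis's scheme, stays valid for the host regardless of which link it is on; only the public key or the EUI-64 changing forces a new search.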
Keywords/Search Tags: IPv6, Neighbor Discovery, Cryptographically Generated Addresses, EUI-64 Address, SHA-1, RSA