Article
Version 1
Preserved in Portico. This version is not peer-reviewed.
Securing IPv6 Neighbor Discovery Address Resolution with Voucher-Based Addressing
Received: 21 June 2024 / Approved: 22 June 2024 / Online: 24 June 2024 (10:10:24 CEST)
How to cite: Puhl, Z. T.; Guo, J. Securing IPv6 Neighbor Discovery Address Resolution with Voucher-Based Addressing. Preprints 2024, 2024061561. https://doi.org/10.20944/preprints202406.1561.v1
Abstract
The majority of local IPv6 networks continue to remain insecure and vulnerable to neighbor spoofing attacks. The Secure Neighbor Discovery (SEND) standard and its concomitant Cryptographically Generated Addressing (CGA) scheme were accepted by large standards bodies to codify practical mitigations. SEND and CGA have never seen widespread adoption due to their complexities, obscurity, costs, compatibility issues, and continued lack of mature implementations. In light of their poor adoption, research since their standardization has continued to find new perspectives and proffer new ideas. The orthodox solutions for securing Neighbor Discovery have historically struggled to successfully harmonize three core ideals: simplicity, flexibility, and privacy preservation. This research introduces Voucher-Based Addressing, a low-configuration, low-cost, and high-impact alternative to IPv6 address generation methods. It secures the Neighbor Discovery address resolution process while remaining simple, highly adaptable, indistinguishable, and privacy-focused. Applying a unique concoction of cryptographic key derivation functions, link-layer address binding, and neighbor consensus on the parameters of address generation, resolved address bindings are verifiable without the need for complex techniques that have hindered the adoption of canonical specifications.
Keywords
IPv6; security; networking; NDP; neighbor discovery; privacy; voucher-based addressing
Subject
Computer Science and Mathematics, Computer Networks and Communications
Copyright: This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.