IPv6: Now You See Me, Now You Don't

Dunlop, Matthew; Groat, Stephen; Marchany, Randy; Tront, Joseph

Home // ICN 2011, The Tenth International Conference on Networks // View article

Authors:
Matthew Dunlop
Stephen Groat
Randy Marchany
Joseph Tront

Keywords: IPv6 addressing, privacy protection

Abstract:
Current implementations of the Internet Protocol version 6 (IPv6) use stateless address auto configuration (SLAAC) to assign network addresses to hosts. This technique produces a static value determined from the Media Access Control (MAC) address as the host portion, or interface identifier (IID), of the IPv6 address. Some implementations create the IID using the MAC unobscured, while others compute a onetime hash value involving the MAC. As a result, the IID of the address remains the same, regardless of the network the node accesses. This IID assignment provides third parties (whether malicious or not) with the ability to track a node's physical location by using simple tools such as ping and traceroute. Additionally, the static IID provides a means to correlate network traffic with a specific user through simple traffic analysis. We examine the techniques used to create autoconfigured addresses. We also discuss how these techniques violate a user's privacy. The serious breaches in privacy caused by SLAAC need to be addressed before deployment of IPv6 becomes widespread. To that end, we provide a detailed taxonomy of different methods for obscuring IPv6 autoconfigured IIDs.

Pages: 18 to 23

Copyright: Copyright (c) IARIA, 2011

Publication date: January 23, 2011

Published in: conference

ISSN: 2308-4413

ISBN: 978-1-61208-113-7

Location: St. Maarten, The Netherlands Antilles

Dates: from January 23, 2011 to January 28, 2011