Publication: Efficient security for IPv6 multihoming
Loading...
Identifiers
ISSN: 0146-4833
Publication date
2005-04
Defense date
Advisors
Tutors
Journal Title
Journal ISSN
Volume Title
Publisher
ACM
Abstract
In this note, we propose a security mechanism for protecting IPv6
networks from possible abuses caused by the malicious usage of a
multihoming protocol. In the presented approach, each
multihomed node is assigned multiple prefixes from its upstream
providers, and it creates the interface identifier part of its
addresses by incorporating a cryptographic one-way hash of the
available prefix set. The result is that the addresses of each
multihomed node form an unalterable set of intrinsically bound
IPv6 addresses. This allows any node that is communicating with
the multihomed node to securely verify that all the alternative
addresses proposed through the multihoming protocol are
associated to the address used for establishing the communication.
The verification process is extremely efficient because it only
involves hash operations
Description
Keywords
IPv6, Protección de datos, Hijacking protection, Multihoming
Bibliographic citation
ACM Computer Communications Review, April 2005, Vol. 35, nº 2, p 61-68