Browse > Article
http://dx.doi.org/10.13089/JKIISC.2006.16.2.95

The Modified IPv6 NDP Mechanism for Preventing IP Spoofing  

Kim Ji-Hong (Semyung University)
Nah Jae-Hoon (Electronics and Telecommunications Research Institute)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.16, no.2, 2006 , pp. 95-103 More about this Journal
Abstract
IPv6 is a new version of the Internet protocol, designed as the successor to IPv4. Among the changes from IPv4 to IPv6, we focused on the stateless address auto-configuration mechanism. The address auto-configuration mechanism is used by nodes in an IPv6 network to learn the local topology. The current specifications suggest that IPsec AH may be used to secure the mechanism, but there is no security association during address auto-configuration process because it has no initial IP address. As there are so many suity threats, SEND protocol was designed to counter these threats. In this paper we analyzed the security problems in NDP and SEND protocol. So we proposed the Modified NDP mechanism using PKC and AC in order to solve these problems.
Keywords
IPv6; NDP; CGA; SEND; PKC; AC;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Jari Arkko, Vijay Devarapalli, Francis Dupont, 'Using Ipsec to protect Mobile Ipv6 Signaling between MN and HA', RFC 3776, June 2004
2 Charles Lynn, Stephen Kent, Karen Seo, 'X.509 Extensions for IP Addresses and AS Identifier' RFC 3779, June 2004
3 Robert Moskowitz, Pekka Nikander, Petri Jokela, 'Host Identity Protocol' Internet Draft draft-ietf-hip-base-03, June 2005
4 Tuomas Aura, 'Cryptographic Generated Address(CGA)', RFC 3972, March 2005
5 Jari Arkko, James Kempf, Brian Zill, Pekka Nikander, 'SEcure Neighbor Discovery', RFC 3971, March 2005
6 David B. Johnson, Charles E. Perkins, Jari Arkko, 'Mobility Support in IPv6', RFC 3775, June 2004
7 Deering, S.; and R. Hinden, 'Internet Protocol, Version 6 Specification', RFC 2460, December 1998
8 Narten, T., Nordmark, E. and W. Simpson, 'Neighbor Discovery for IPv6', RFC 2461, December 1998
9 Pekka Nikander, James Kempf, ErikNordmark, 'Ipv6 ND Trust Models and Threats', RFC 3756, May 2004
10 Thomspn, S. and T. Narten, 'IPv6 Stateless Address Autoconfiguration', RFC 2462, December 1998
11 Relph Droms, Jim Bound, Bernie Volz, Ted Lemon, Charles E. Perkins, 'Dynamic Host Configuration Protocol for IPv6 (DHCPV6)', RFC 3315, July 2003
12 강현선, 박창섭, 'Redirect 공격과 DoS 공격에 안전한 MIPv6 바인딩 업데이트 프로토콜', 정보보호학회 논문지, 제 15권, 5호,10, 20005
13 Stephen Farrell, Russell Housley, 'An Internet Attributes Certificate Profile for Authorization', RFC 3281, April 2002
14 Geoff Huston, 'Architectural Commentary on Site Multihoming Using Level 3Shim', Draft draft-shim6-arch -00.txt, February 2005