IPv6 Stateless Address Autoconfiguration Considered Harmful

Author

Lindqvist, Janne

Author_Institution

Telecommun. Software & Multimedia Lab., Helsinki Univ.

fYear

2006

fDate

23-25 Oct. 2006

Firstpage

1

Lastpage

5

Abstract

IPv6 stateless address autoconfiguration is used for autoconfiguring addresses without a server in IPv6 networks. The autoconfiguration mechanism consists of choosing an address candidate and verifying its uniqueness with duplicate address detection. The autoconfiguration mechanism has privacy issues which have been identified before. However, we show that the autoconfiguration mechanisms can be used as a covert channel. The covert channel is a serious threat for communication security and privacy if used by malicious third party IPv6 vendors or malware implementors. We present practical attacks for divulging sensitive information such as secret keys of encryption protocols using the covert channel and lower layer information. The scheme can also be used for very effective Big Brother type surveillance

Keywords

IP networks; data privacy; security of data; surveillance; telecommunication security; IPv6 network; address candidate; communication security; covert channel; duplicate address detection; lower layer information; malware implementor; privacy issue; stateless address autoconfiguration; surveillance; Ethernet networks; IP networks; Information security; Internet; Laboratories; Network servers; Privacy; Protocols; Standards publication; Unicast;

fLanguage

English

Publisher

ieee

Conference_Titel

Military Communications Conference, 2006. MILCOM 2006. IEEE

Conference_Location

Washington, DC

Print_ISBN

1-4244-0617-X

Electronic_ISBN

1-4244-0618-8

Type

conf

DOI

10.1109/MILCOM.2006.302471

Filename

4086676