Abstract
Traditionally, configuring a network interface of a machine requires manual configuration and it’s often a long and tedious job. With IPv6, this configuration is automated, introducing plug-and-play functionality to the network interface. Automatic configuration means that a machine gets all the information it needs to connect to an IPv6 LAN without any human intervention. The IPv6 address auto-configuration process includes creating a link-local address, verifying its uniqueness, and determining global unicast addresses. Checking the uniqueness of an IPv6 address is done by running an algorithm called DAD (Duplicate Address Detection) by the new node. This algorithm uses the multicast communications namely the messages neighbor solicitation and neighbor advertisement. However, this mechanism is not secure. In our paper, we propose a new algorithm to secure these multicast communications using symmetric cryptography. Our method shows its efficiency in terms of execution time and security level.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Deering, S., Hinden, R.: Internet Protocol, Version 6 (IPv6) Specification. IETF, RFC 8200, July 2017
Ahmed, A.S.A.M.S., Hassan, R., Othman, N.E.: IPv6 Neighbor Discovery Protocol Specifications, Threats and Countermeasures: A Survey (2017). ISSN 2169-3536
Gont, F., Cooper, A., Thaler, D., Liu, W.: Recommendation on Stable IPv6 Interface Identifiers. IETF, RFC 8064, February 2017
Alisherov, F., Kim, T.: Duplicate address detection table in IPv6 mobile networks. In: Chang, C.-C., Vasilakos, T., Das, P., Kim, T.-h., Kang, B.-H., Khurram Khan, M. (eds.) ACN 2010. CCIS, vol. 77, pp. 109–115. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13405-0_11
Moslehpour, M., Khorsandi, S.: A distributed cryptographically generated address computing algorithm for secure neighbor discovery protocol in IPv6. Int. J. Comput. Inf. Eng. 10(6), 10–15 (2016)
Pitchaiah, M., Daniel, P.: Implementation of advanced encryption standard algorithm. Int. J. Sci. Eng. Res. 3(3), 3–5 (2012). ISSN 2229-5518
Shah, J.L., Parvez, J.: IPv6 cryptographically generated address: analysis and optimization. In: AICTC 2016 Proceedings of the International Conference on Advances in Information Communication Technology & Computing, 12–13 August 2016
Shah, J.L., Parvez, J.: Optimizing security and address configuration in IPv6 SLAAC. Procedia Comput. Sci. 54, 177–185 (2015)
Shah, J.L.: A novel approach for securing IPv6 link local communication. Inf. Secur. J. Glob. Perspect. 25(1–3), 136–150 (2016). ISSN 1939-3555
Wang, X., Mu, Y., Han, G., Le, D.: A secure IPv6 address configuration protocol for vehicular networks. Wirel. Pers. Commun. 79(1), 721–744 (2014)
Lu, Y., Wang, M., Huang, P.: An SDN-based authentication mechanism for securing neighbor discovery protocol in IPv6. J. Secur. Commun. Netw. 2017, 1–9 (2017)
Praptodiyono, S., et al.: Improving Security of Duplicate Address Detection on IPv6 Local Network in Public Area (2016). ISSN 2376-1172
Barbhuiya, F.A., Bansal, G., Kumar, N., et al.: Detection of neighbor discovery protocol based attacks in IPv6 network. Netw. Sci. 2(3–4), 91–113 (2013)
Hassan, R., Ahmed, A.S., Osman, N.E.: Enhancing security for IPv6 neighbor discovery protocol using cryptography. Am. J. Appl. Sci. 11(9), 1472–1479 (2014)
El Ksimi, A., Leghris, C.: Towards a New Algorithm to Optimize IPv6 Neighbor Discovery Security for Small Objects Networks (2018). hindawi.com
Sridevi: Implementation of multicast routing on IPv4 and IPv6 networks. Int. J. Recent Innov. Trends Comput. Commun. 5, 1455–1467 (2017). ISSN 2321-8169
Cunjiang, Y., Dawei, X., Li, J.: Authentication analysis in an IPV6-based environment. IEEE, December 2014
Nia, M.A., Sajedi, A., Jamshidpey, A.: An Introduction to Digital Signature Schemes. IEEE (2014)
Chittimaneni, K., Kaeo, M., Kaeo, M.: Operational Security Considerations for IPv6 Networks. Internet-Draft, 27 October 2014
Narten, T., Draves, R., Krishnan, S.: Privacy extensions for stateless address autoconfiguration in IPv6 (2007)
El Ksimi, A., Leghris, C.: An enhancement approach for securing neighbor discovery in IPv6 networks. In: Renault, É., Boumerdassi, S., Bouzefrane, S. (eds.) MSPN 2018. LNCS, vol. 11005, pp. 54–69. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-03101-5_6
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
El Ksimi, A., Leghirs, C. (2019). A New Mechanism to Secure IPv6 Networks Using Symmetric Cryptography. In: Renault, É., Boumerdassi, S., Leghris, C., Bouzefrane, S. (eds) Mobile, Secure, and Programmable Networking. MSPN 2019. Lecture Notes in Computer Science(), vol 11557. Springer, Cham. https://doi.org/10.1007/978-3-030-22885-9_20
Download citation
DOI: https://doi.org/10.1007/978-3-030-22885-9_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-22884-2
Online ISBN: 978-3-030-22885-9
eBook Packages: Computer ScienceComputer Science (R0)