Cryptographically Generated Addresses (CGAs): Possible Attacks and Proposed Mitigation Approaches

Cryptographically Generated Addresses (CGAs) were mainly designed to prove address ownership and to prevent the theft of existing IPv6 addresses by binding the owner's public key to the generated address. The address owner uses a corresponding private key to prove its ownership by using signed...

Full description

Saved in:
Bibliographic Details
Main Authors: Alsadeh, A., Rafiee, H., Meinel, C.
Format: Conference Proceeding
Language:English
Subjects:
Authentication
Authentication of IPv6 addresses
Computer crime
Computers
IPv6 addresses ownership
IPv6 Privacy
IPv6 Security
Public key
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Cryptographically Generated Addresses (CGAs) were mainly designed to prove address ownership and to prevent the theft of existing IPv6 addresses by binding the owner's public key to the generated address. The address owner uses a corresponding private key to prove its ownership by using signed messages that are originated from that address. Though the CGA approach is quite useful in providing a means of proving address ownership in IPv6 networks, it does have some limitations and some vulnerabilities. In this paper we will provide a security analysis and descriptions of possible ways of attacking CGA. We found that the CGA verification process is prone mainly to Denial-of-Service (DoS) attacks. We also found that CGAs are still susceptible to privacy related attacks. We will therefore propose some extensions to the CGA standard verification algorithm to mitigate DoS attacks and to make CGA more privacy-conscious.
DOI:10.1109/CIT.2012.84