IPv6 Address Obfuscation by Intermediate Middlebox in Coordination with Connected Devices

Abstract : Privacy is a major concern on the current Internet, but transport mechanisms like IPv4 and more specifically IPv6 do not offer the necessary protection to users. However, the IPv6 address size allows designing privacy mechanisms impossible in IPv4. Nevertheless existing solutions like Privacy Extensions [20] are not optimal, still only one address is in use for several communications over time. And it does not offer control of the network by the administrator (end devices use randomly generated addresses). Our IPv6 privacy proposal uses ephemeral addresses outside the trusted network but stable addresses inside the local network, allowing the control of the local network security by the administrator. Our solution is based on new opportunities of IPv6: a large address space and a new flow label field. In combination with Cryptographically Generated Addresses, we can provide protection against spoofing on the local network and enhanced privacy for Internet communication.
Complete list of metadatas

Cited literature [13 references]  Display  Hide  Download

https://hal.inria.fr/hal-01497012
Contributor : Hal Ifip <>
Submitted on : Tuesday, March 28, 2017 - 11:23:32 AM
Last modification on : Wednesday, March 29, 2017 - 1:01:35 AM
Long-term archiving on : Thursday, June 29, 2017 - 4:22:32 PM

File

978-3-642-40552-5_14_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Florent Fourcot, Laurent Toutain, Stefan Köpsell, Frédéric Cuppens, Nora Cuppens-Boulahia. IPv6 Address Obfuscation by Intermediate Middlebox in Coordination with Connected Devices. 19th Open European Summer School (EUNICE), Aug 2013, Chemnitz, Germany. pp.148-160, ⟨10.1007/978-3-642-40552-5_14⟩. ⟨hal-01497012⟩

Share

Metrics

Record views

667

Files downloads

119