Child-proof authentication for MIPv6 (CAM)
ACM SIGCOMM Computer Communication Review
An incremental approach to IPv6 multihoming
Computer Communications
The Shim6 architecture for IPv6 multihoming
IEEE Communications Magazine
Hi-index | 0.00 |
In this note, we propose a security mechanism for protecting IPv6 networks from possible abuses caused by the malicious usage of a multihoming protocol. In the presented approach, each multihomed node is assigned multiple prefixes from its upstream providers, and it creates the interface identifier part of its addresses by incorporating a cryptographic one-way hash of the available prefix set. The result is that the addresses of each multihomed node form an unalterable set of intrinsically bound IPv6 addresses. This allows any node that is communicating with the multihomed node to securely verify that all the alternative addresses proposed through the multihoming protocol are associated to the address used for establishing the communication. The verification process is extremely efficient because it only involves hash operations.