Efficient security for IPv6 multihoming

Authors:
Marcelo Bagnulo;Alberto García-Martínez;Arturo Azcorra
Affiliations:
Universidad Carlos III de Madrid, Leganés, Madrid, España;Universidad Carlos III de Madrid, Leganés, Madrid, España;Universidad Carlos III de Madrid, Leganés, Madrid, España
Venue:
ACM SIGCOMM Computer Communication Review
Year:
2005

Citing 1
Cited 2

Child-proof authentication for MIPv6 (CAM)

ACM SIGCOMM Computer Communication Review

An incremental approach to IPv6 multihoming

Computer Communications
The Shim6 architecture for IPv6 multihoming

IEEE Communications Magazine

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this note, we propose a security mechanism for protecting IPv6 networks from possible abuses caused by the malicious usage of a multihoming protocol. In the presented approach, each multihomed node is assigned multiple prefixes from its upstream providers, and it creates the interface identifier part of its addresses by incorporating a cryptographic one-way hash of the available prefix set. The result is that the addresses of each multihomed node form an unalterable set of intrinsically bound IPv6 addresses. This allows any node that is communicating with the multihomed node to securely verify that all the alternative addresses proposed through the multihoming protocol are associated to the address used for establishing the communication. The verification process is extremely efficient because it only involves hash operations.