IPv6 is Bad for Your Privacy
نویسنده
چکیده
In recent years, covert channel techniques for IPv4 and more recently for IPv6 have been published by the scientific community and also presented in DEFCON 14. However, a covert channel that contains a considerable bandwidth has been overlooked, the autoconfigured IPv6 address itself. IPv6 Stateless Address Autoconfiguration is used for autoconfiguring addresses without a server in IPv6 networks. The autoconfiguration mechanism consists of choosing an address candidate and verifying its uniqueness with Duplicate Address Detection. The autoconfiguration mechanism has privacy issues which have been identified before and mitigations have been published as RFC 3041. However, we show that the privacy protection mechanism for the autoconfiguration can be used as a covert channel, and consequently, be used to harm the privacy of the user. The covert channel can be serious threat for communication security and privacy. We present practical attacks for divulging sensitive information such as parts of secret keys of encryption protocols. The scheme can also be used for very effective Big Brother type surveillance that cannot be detected by established intrusion detection systems.
منابع مشابه
Exposing Potential Privacy Issues with Ipv6 Address Construction
The usage of 128 bit addresses with hexadecimal representation in IPv6 poses significant potential privacy issues. This paper discusses the means of allocating IPv6 addresses, along with the implications each method may have upon privacy in different usage scenarios. The division of address space amongst the global registries in a hierarchal fashion can provide geographical information about th...
متن کاملIPv6 Address Obfuscation by Intermediate Middlebox in Coordination with Connected Devices
Privacy is a major concern on the current Internet, but transport mechanisms like IPv4 and more specifically IPv6 do not offer the necessary protection to users. However, the IPv6 address size allows designing privacy mechanisms impossible in IPv4. Nevertheless existing solutions like Privacy Extensions [20] are not optimal, still only one address is in use for several communications over time....
متن کاملPrivacy Extensions for Stateless Address Autoconfiguration in IPv6
Stateless address autoconfiguration defines the mechanism for a IPv6 node to generate an address without the need of an external DHCP server based on the interface identifier. In the case of Ethernet the Interface Identifier is based on the EUI-64 identifier derived from the interface’s built-in 48-bit IEEE 802 address (MAC address). The IPv6 address generated via Stateless Autoconfiguration co...
متن کاملComparative Study of Veil Abandonment and Privacy Abandonment in Iranian Clothing and Buildings before and after The Pahlavi Dynasty
The issue of non-observance of privacy in contemporary Iranian clothes and buildings is one of the most important cultural issues in the country due to its lack of proportion to the Islamic culture of Iran, it has brought various cultural and social consequences in contemporary Iranian society; in particular, there are some verses in the holly Qur'an referring to the issue of veiling for women,...
متن کاملkIP: a Measured Approach to IPv6 Address Anonymization
Privacy-minded Internet service operators anonymize IPv6 addresses by truncating them to a fixed length, perhaps due to long-standing use of this technique with IPv4 and a belief that it’s “good enough.” We claim that simple anonymization by truncation is suspect since it does not entail privacy guarantees nor does it take into account some common address assignment practices observed today. To...
متن کامل