What DHCPv6 says about you

As protection against the current privacy weaknesses of StateLess Address Auto Configuration (SLAAC) in the Internet Protocol version 6 (IPv6), network administrators may choose to deploy the new Dynamic Host Configuration Protocol for IPv6 (DHCPv6). Similar to the Dynamic Host Configuration Protocol (DHCP) for Internet Protocol version 4 (IPv4), DHCPv6 uses a clientserver model to manage addresses for networks, providing stateful address assignment. While DHCPv6 can be configured to assign randomly distributed addresses to clients, the DHCP Unique Identifier (DUID) was designed to remain static to clients as they move between different subnets and networks. Since the DUID is globally unique, attackers can geotemporally track clients by sniffing DHCPv6 messages on the local network or by using protocol-valid messages that request systems´ DUIDs. Additionally, attackers can remotely monitor users and networks using DHCPv6 relays to issue and forward DHCPv6 messages and track clients. The privacy implications of DHCPv6 must be addressed before large-scale IPv6 deployment.