Collision probability of one-to-many reversible mapping for IPv6 address generation

The paper presents results of collision probability evaluation of a one-to-many reversible mapping between user space and IPv6 address space which is developed to improve of IPv6 addresses generation in a local area network (LAN). Each time a user accesses the network, a dynamic unicast IPv6 address is given via DHCPv6 (Dynamic Host Configuration Protocol for IPv6) server to protect users from unwanted behavior analysis exploiting IPv6 addresses, thus protecting user privacy. This IPv6 address is generated dynamically using CFB (Cipher Feedback) mode of AES (Advanced Encryption Standard) algorithm based on user identity. The dynamic address can be uniquely linked to user if the need arises to allow network administrator to identify user based on captured IPv6 address during any security event. Checksum has been used for validation of probability of coincidental match of randomly generated Interface Id or generated by some other mechanism. The collision probability of the one-to-many reversible mapping for stateful IPv6 address assignment is evaluated using birthday paradox. The results show that the collision probability is very small indeed. The one-to-many reversible mechanism may be incorporated as an extension to the current DHCPv6 software.