Title :
IPv6 Stateless Address Autoconfiguration Considered Harmful
Author :
Lindqvist, Janne
Author_Institution :
Telecommun. Software & Multimedia Lab., Helsinki Univ.
Abstract :
IPv6 stateless address autoconfiguration is used for autoconfiguring addresses without a server in IPv6 networks. The autoconfiguration mechanism consists of choosing an address candidate and verifying its uniqueness with duplicate address detection. The autoconfiguration mechanism has privacy issues which have been identified before. However, we show that the autoconfiguration mechanisms can be used as a covert channel. The covert channel is a serious threat for communication security and privacy if used by malicious third party IPv6 vendors or malware implementors. We present practical attacks for divulging sensitive information such as secret keys of encryption protocols using the covert channel and lower layer information. The scheme can also be used for very effective Big Brother type surveillance
Keywords :
IP networks; data privacy; security of data; surveillance; telecommunication security; IPv6 network; address candidate; communication security; covert channel; duplicate address detection; lower layer information; malware implementor; privacy issue; stateless address autoconfiguration; surveillance; Ethernet networks; IP networks; Information security; Internet; Laboratories; Network servers; Privacy; Protocols; Standards publication; Unicast;
Conference_Titel :
Military Communications Conference, 2006. MILCOM 2006. IEEE
Conference_Location :
Washington, DC
Print_ISBN :
1-4244-0617-X
Electronic_ISBN :
1-4244-0618-8
DOI :
10.1109/MILCOM.2006.302471
