DocumentCode
583076
Title
Cryptographically Generated Addresses (CGAs): Possible Attacks and Proposed Mitigation Approaches
Author
Alsadeh, A. ; Rafiee, Hosnieh ; Meinel, Christoph
Author_Institution
Hasso Plattner Inst., Univ. of Potsdam, Potsdam, Germany
fYear
2012
fDate
27-29 Oct. 2012
Firstpage
332
Lastpage
339
Abstract
Cryptographically Generated Addresses (CGAs) were mainly designed to prove address ownership and to prevent the theft of existing IPv6 addresses by binding the owner´s public key to the generated address. The address owner uses a corresponding private key to prove its ownership by using signed messages that are originated from that address. Though the CGA approach is quite useful in providing a means of proving address ownership in IPv6 networks, it does have some limitations and some vulnerabilities. In this paper we will provide a security analysis and descriptions of possible ways of attacking CGA. We found that the CGA verification process is prone mainly to Denial-of-Service (DoS) attacks. We also found that CGAs are still susceptible to privacy related attacks. We will therefore propose some extensions to the CGA standard verification algorithm to mitigate DoS attacks and to make CGA more privacy-conscious.
Keywords
private key cryptography; public key cryptography; CGA approach; DoS attacks; IPv6 addresses; IPv6 networks; cryptographically generated addresses; denial-of-service attacks; privacy related attacks; private key; proposed mitigation approaches; public key; signed messages; Authentication; Computer crime; Computers; Public key; Standards; Authentication of IPv6 addresses; IPv6 Privacy; IPv6 Security; IPv6 addresses ownership;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer and Information Technology (CIT), 2012 IEEE 12th International Conference on
Conference_Location
Chengdu
Print_ISBN
978-1-4673-4873-7
Type
conf
DOI
10.1109/CIT.2012.84
Filename
6391923
Link To Document