draft-ietf-6man-stable-privacy-addresses-02.txt   draft-ietf-6man-stable-privacy-addresses-03.txt 
IPv6 maintenance Working Group (6man) F. Gont IPv6 maintenance Working Group (6man) F. Gont
Internet-Draft SI6 Networks / UTN-FRH Internet-Draft SI6 Networks / UTN-FRH
Intended status: Standards Track December 30, 2012 Intended status: Standards Track January 27, 2013
Expires: July 3, 2013 Expires: July 31, 2013
A method for Generating Stable Privacy-Enhanced Addresses with IPv6 A method for Generating Stable Privacy-Enhanced Addresses with IPv6
Stateless Address Autoconfiguration (SLAAC) Stateless Address Autoconfiguration (SLAAC)
draft-ietf-6man-stable-privacy-addresses-02 draft-ietf-6man-stable-privacy-addresses-03
Abstract Abstract
This document specifies a method for generating IPv6 Interface This document specifies a method for generating IPv6 Interface
Identifiers to be used with IPv6 Stateless Address Autoconfiguration Identifiers to be used with IPv6 Stateless Address Autoconfiguration
(SLAAC), such that addresses configured using this method are stable (SLAAC), such that addresses configured using this method are stable
within each subnet, but the Interface Identifier changes when hosts within each subnet, but the Interface Identifier changes when hosts
move from one network to another. The aforementioned method is meant move from one network to another. The aforementioned method is meant
to be an alternative to generating Interface Identifiers based on to be an alternative to generating Interface Identifiers based on
IEEE identifiers, such that the benefits of stable addresses can be IEEE identifiers, such that the benefits of stable addresses can be
skipping to change at page 1, line 38 skipping to change at page 1, line 38
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 3, 2013. This Internet-Draft will expire on July 31, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 8, line 35 skipping to change at page 8, line 35
secret_key: secret_key:
A secret key that is not known by the attacker. The secret A secret key that is not known by the attacker. The secret
key MUST be initialized at system installation time to a key MUST be initialized at system installation time to a
pseudo-random number (see [RFC4086] for randomness pseudo-random number (see [RFC4086] for randomness
requirements for security). An implementation MAY provide the requirements for security). An implementation MAY provide the
means for the user to change the secret key. means for the user to change the secret key.
2. The Interface Identifier is finally obtained by taking the 2. The Interface Identifier is finally obtained by taking the
leftmost 64 bits of the RID value computed in the previous step, leftmost 64 bits of the RID value computed in the previous step,
and and setting bit 6 (the leftmost bit is numbered 0) to zero. and setting bit 6 (the leftmost bit is numbered 0) to zero. This
This creates an interface identifier with the universal/local bit creates an interface identifier with the universal/local bit
indicating local significance only. The resulting Interface indicating local significance only. The resulting Interface
Identifier should be compared against a list of reserved Identifier should be compared against the list of reserved
interface identifiers and to those already employed in an address interface identifiers [IANA-RESERVED-IID], and to those interface
of the same network interface and the same network prefix. In identifiers already employed in an address of the same network
the event that an unacceptable identifier has been generated, interface and the same network prefix. In the event that an
this situation should be handled in the same way as the case of unacceptable identifier has been generated, this situation should
duplicate addresses (see Section 4). be handled in the same way as the case of duplicate addresses
(see Section 4).
This document does not require the use of any specific PRF for the This document does not require the use of any specific PRF for the
function F() above, since the choice of such PRF is usually a trade- function F() above, since the choice of such PRF is usually a trade-
off between a number of properties (processing requirements, ease of off between a number of properties (processing requirements, ease of
implementation, possible intellectual property rights, etc.), and implementation, possible intellectual property rights, etc.), and
since the best possible choice for F() might be different for since the best possible choice for F() might be different for
different types of devices (e.g. embedded systems vs. regular different types of devices (e.g. embedded systems vs. regular
servers) and might possibly change over time. servers) and might possibly change over time.
Note that the result of F() in the algorithm above is no more secure Note that the result of F() in the algorithm above is no more secure
skipping to change at page 12, line 38 skipping to change at page 12, line 38
We note that this algorithm is meant to be an alternative to We note that this algorithm is meant to be an alternative to
interface identifiers such as those specified in [RFC2464], but is interface identifiers such as those specified in [RFC2464], but is
not meant as an alternative to temporary Interface IDs (such as those not meant as an alternative to temporary Interface IDs (such as those
specified in [RFC4941]). Clearly, temporary addresses may help to specified in [RFC4941]). Clearly, temporary addresses may help to
mitigate the correlation of activities of a node within the same mitigate the correlation of activities of a node within the same
network, and may also reduce the attack exposure window (since network, and may also reduce the attack exposure window (since
privacy/temporary addresses are short-lived when compared to the privacy/temporary addresses are short-lived when compared to the
addresses generated with the method specified in this document). We addresses generated with the method specified in this document). We
note that implementation of this algorithm would still benefit those note that implementation of this algorithm would still benefit those
hosts employing "Privacy Addresses", since it would mitigate host- hosts employing "Privacy Addresses", since it would mitigate host-
tracking vectors still present when privacy addresses are used tracking vectors still present when privacy addresses are used (see
(Appendix A, and would also mitigate host-scanning techniques that Appendix A), and would also mitigate host-scanning techniques that
leverage patterns in IPv6 addresses that embed IEEE identifiers. leverage patterns in IPv6 addresses that embed IEEE identifiers.
Finally, we note that the method described in this document may Finally, we note that the method described in this document may
mitigate most of the privacy concerns arising from the use of IPv6 mitigate most of the privacy concerns arising from the use of IPv6
addresses that embed IEEE identifiers, without the use of temporary addresses that embed IEEE identifiers, without the use of temporary
addresses, thus possibly offering an interesting trade-off for those addresses, thus possibly offering an interesting trade-off for those
scenarios in which the use of temporary addresses is not feasible. scenarios in which the use of temporary addresses is not feasible.
7. Acknowledgements 7. Acknowledgements
The algorithm specified in this document has been inspired by Steven The algorithm specified in this document has been inspired by Steven
Bellovin's work [RFC1948] in the area of TCP sequence numbers. Bellovin's work ([RFC1948]) in the area of TCP sequence numbers.
The author would like to thank (in alphabetical order) Karl Auer, The author would like to thank (in alphabetical order) Karl Auer,
Steven Bellovin, Matthias Bethke, Brian Carpenter, Dominik Elsbroek, Steven Bellovin, Matthias Bethke, Brian Carpenter, Tassos
Bob Hinden, Christian Huitema, Ray Hunter, Jong-Hyouk Lee, Michael Chatzithomaoglou, Dominik Elsbroek, Bob Hinden, Christian Huitema,
Richardson, and Ole Troan, for providing valuable comments on earlier Ray Hunter, Jong-Hyouk Lee, Michael Richardson, and Ole Troan, for
versions of this document. providing valuable comments on earlier versions of this document.
This document is based on the technical report "Security Assessment This document is based on the technical report "Security Assessment
of the Internet Protocol version 6 (IPv6)" [CPNI-IPv6] authored by of the Internet Protocol version 6 (IPv6)" [CPNI-IPv6] authored by
Fernando Gont on behalf of the UK Centre for the Protection of Fernando Gont on behalf of the UK Centre for the Protection of
National Infrastructure (CPNI). National Infrastructure (CPNI).
Fernando Gont would like to thank CPNI (http://www.cpni.gov.uk) for Fernando Gont would like to thank CPNI (http://www.cpni.gov.uk) for
their continued support. their continued support.
8. References 8. References
skipping to change at page 14, line 49 skipping to change at page 14, line 49
[RFC3542] Stevens, W., Thomas, M., Nordmark, E., and T. Jinmei, [RFC3542] Stevens, W., Thomas, M., Nordmark, E., and T. Jinmei,
"Advanced Sockets Application Program Interface (API) for "Advanced Sockets Application Program Interface (API) for
IPv6", RFC 3542, May 2003. IPv6", RFC 3542, May 2003.
[I-D.ietf-opsec-ipv6-host-scanning] [I-D.ietf-opsec-ipv6-host-scanning]
Gont, F. and T. Chown, "Network Reconnaissance in IPv6 Gont, F. and T. Chown, "Network Reconnaissance in IPv6
Networks", draft-ietf-opsec-ipv6-host-scanning-00 (work in Networks", draft-ietf-opsec-ipv6-host-scanning-00 (work in
progress), December 2012. progress), December 2012.
[IANA-RESERVED-IID]
Reserved IPv6 Interface Identifiers, "http://www.iana.org/
assignments/ipv6-interface-ids/ipv6-interface-ids.xml".
[Gont-DEEPSEC2011] [Gont-DEEPSEC2011]
Gont, "Results of a Security Assessment of the Internet Gont, "Results of a Security Assessment of the Internet
Protocol version 6 (IPv6)", DEEPSEC 2011 Conference, Protocol version 6 (IPv6)", DEEPSEC 2011 Conference,
Vienna, Austria, November 2011, <http:// Vienna, Austria, November 2011, <http://
www.si6networks.com/presentations/deepsec2011/ www.si6networks.com/presentations/deepsec2011/
fgont-deepsec2011-ipv6-security.pdf>. fgont-deepsec2011-ipv6-security.pdf>.
[Gont-BRUCON2012] [Gont-BRUCON2012]
Gont, "Recent Advances in IPv6 Security", BRUCON 2012 Gont, "Recent Advances in IPv6 Security", BRUCON 2012
Conference, Ghent, Belgium, September 2012, <http:// Conference, Ghent, Belgium, September 2012, <http://
 End of changes. 10 change blocks. 
20 lines changed or deleted 25 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/