Skip to content

Latest commit

 

History

History
6 lines (4 loc) · 1.49 KB

File metadata and controls

6 lines (4 loc) · 1.49 KB

A-Novel-Approach-To-Secure-IPv6-SLAAC-And-DAD

Developed an alternative approach to SeND protocol for securing IPv6 SLAAC and DAD. The repo contains the code for address generation at sender side and the DAD process at both sender and receiver.

ABSTRACT: Over the last few years, IPv6 has gained momentum in the industry with deployments of decreasing complexity, improving security, and offering 340 sextillion unique IP addresses. The IPv6 protocol is considered more reliable and secure when compared to its 32-bit counterpart. The most important part of IPv6 protocol is the Neighbor Discovery (NDP) which enables a node to communicate with other devices on the same LAN. The IPv6 SLAAC where there are no central address configuration servers is also based on the NDP process which uses Duplicate Address Detection to verify the uniqueness of generated addresses on the local link. However, this process is susceptible to many attacks and making it secure should be one of the primary concerns to address the related issues in small IPv6 networks. In this paper, we introduce a new approach to optimize the security of NDP and DAD processes. This method is based on SHA-512 to verify the identity of NDP messages on the local link. The technique is programmatically implemented to illustrate the secure DAD process and estimate the resources utilized at a given node.

The repo includes a text file describing the algorithm along with Python and C++ implementations. It also includes the documentation for the approach.