AI Chat Paper
Note: Please note that the following content is generated by AMiner AI. SciOpen does not take any responsibility related to this content.
{{lang === 'zh_CN' ? '文章概述' : 'Summary'}}
{{lang === 'en_US' ? '中' : 'Eng'}}
Chat more with AI
Powered by AMiner. Clicking this button will take you away from SciOpen.
Home Tsinghua Science and Technology Article
PDF (1.4 MB)
Cite
EndNote(RIS) BibTeX
Collect
Submit Manuscript AI Chat Paper
Show Outline
Outline
Show full outline
Hide outline
Outline
Show full outline
Hide outline
Open Access

Secure DHCPv6 Mechanism for DHCPv6 Security and Privacy Protection

Lishan LiGang RenYing Liu( )Jianping Wu
Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing 100084, China.
Show Author Information

Abstract

With the rapid developmen of the Internet, the exhaustion of IPv4 address limited the development of the Internet for years. IPv6, as the core technology of the next generation Internet, has since been rapidly deployed around the world. As the widely deployed address configuration protocol, DHCPv6 is responsible for allocating globally unique IPv6 addresses to clients, which is the basis for all the network services. However, the initial design of the DHCPv6 protocol gave little consideration to the privacy and security issues, which has led to a proliferation of privacy and security accidents breaches in its real deployment. In this paper, to fundamentally solve a range of possible security and privacy issues, we propose a secure DHCPv6 mechanism, which adds authentication and encryption mechanisms into the original DHCPv6 protocol. Compared with other proposed security mechanisms for the DHCPv6, our method can achieve all-around protection for the DHCPv6 protocol with minimal change to the current protocol, easier deployment, and low computing cost.

Keywords

securityprivacyDHCPv6IETFauthenticationencryption

References

[1]
G. Huston, IPv4 address report, http://www.potaroo.net/tools/ipv4, 2011.
[2]
S. Deering and R. Hinden, RFC2460: Internet protocol, version 6 (IPv6) specification, IETF, 1998.
[3]
T. Jinmei, S. Thomson, and T. Narten, RFC4862: IPv6 stateless address autoconfiguration, IETF, 2007.
[4]
R. Droms, J. Bound, B. Volz, T. Lemon, C. Perkins, and M. Carney, RFC3315: Dynamic host configuration protocol for IPV6 (DHCPv6), 2003.
[5]
m4tt, Smart trash can knows how fast you walk and which smartphone you use, http://www.theverge.com/2013/8/9/4604980/smartuk-trashcans-smartphone-speed-proximity-wifi, 2013.
[6]
G. White, Inside the shopping Centre that tracks your every move, http://www.channel4.com/news/shoppingcentre-wifi-tracking-spy-data, 2014.
[7]
B. Volz, IETF DHC WG charter, http://datatracker.ietf.org/wg/dhc/charter/, 2017.
[8]
S. Krishnan, T. Mrugalski, and S. Jiang, RFC7824: Privacy considerations for DHCPv6, IETF, 2016.
[9]
C. Huitema, T. Mrugalski, and S. Krishnan, RFC7844: Anonymity profile for DHCP clients, IETF, 2016.
[10]
T. Mrugalski, M. Siodelski, B. Volz, A. Yourtchenko, M. Richardson, S. Jiang, and T. Lemon, Dynamic host configuration protocol for IPV6 (DHCPv6) bis, IETF, 2017.
[11]
S. Groat, M. Dunlop, R. Marchany, and J. Tront, What DHCPv6 says about you, in Proc. 2011 World Congress on Internet Security, London, UK, 2011, pp. 146-151.
Crossref
[12]
S. Farrell, and H. Tschofenig, RFC7258: Pervasive monitoring is an attack, IETF, 2014.
[13]
P. Yee, RFC5280: Updates to the internet X.509 public key infrastructure certificate and Certificate Revocation List (CRL) profile, IETF, 2013.
[14]
V. Dukhovni, RFC7435: Opportunistic security: Some protection most of the time?, IETF, 2014.
[15]
W. Q. Sun, H. W. Li, and J. P. Wu, Fast mobility solutions in software-defined networks, (in Chinese), J. Tsinghua Univ. (Sci. Technol)., vol. 55, no. 8, pp. 900-905, 2015.
Google Scholar
[16]
Internet Systems Consortium, ISC DHCP, https://www.isc.org/downloads/dhcp/, 2016.
[17]
kea, Secure DHCPv6, https://kea.isc.org/wiki/SecureDHCPv6, 2015.
[18]
IETF-93 (Prague) DHC WG Meeting, https://www.ietf.org/proceedings/93/slides/slides-93-dhc-0.pdf, 2015.
[19]
L. Li, S. Jiang, Y. Cui, T. Jinmei, T. Lemon, and D. Zhang, Secure DHCPv6, draft-ietf-dhc-sedhcpv6-21, IETF, 2017.
[20]
J. Wu, J. Bi, M. Bagnulo, F. Baker, and C. Vogt, RFC7039: Source address validation improvement (SAVI) framework, IETF, 2013.
[21]
J. Bi, J. Wu, G. Yao, and F. Baker, RFC7513: Source address validation improvement (SAVI) solution for DHCP, IETF, 2015.
[22]
IETF dhc wg maillist, https://www.ietf.org/mailarchive/web/dhcwg/current/msg18104.html, 2017.
[23]
L. He, G. Ren, and Y. Liu, General requirement driven IPv6 address generation mechanisms management system, (in Chinese), Huazhong Univ. Sci. Technol. Nat. Sci. Ed., vol. 44, no. S1, pp. 89-93, 2016.
Google Scholar
[24]
Y. Liu, G. Ren, J. P. Wu, S. L. Zhang, L. He, and Y. H. Jia, Building an IPv6 address generation and traceback system with NIDTGA in Address Driven Network, Sci. China Inf. Sci., vol. 58, no. 12, pp. 1-14, 2015.
Crossref Google Scholar
Tsinghua Science and Technology
Volume 23 Issue 1,
February 2018
Pages 13-21
DOI: 10.26599/TST.2018.9010020
Cite this article:
Li L, Ren G, Liu Y, et al. Secure DHCPv6 Mechanism for DHCPv6 Security and Privacy Protection. Tsinghua Science and Technology, 2018, 23(1): 13-21. https://doi.org/10.26599/TST.2018.9010020

624

Views

36

Downloads

11

Crossref

N/A

Web of Science

13

Scopus

1

CSCD

Altmetrics
Received: 20 November 2016
Accepted: 21 June 2017
Published: 15 February 2018
© The authors 2018
Return