Sciweavers

SPW
2001
Springer

Denial-of-Service, Address Ownership, and Early Authentication in the IPv6 World

13 years 8 months ago
Denial-of-Service, Address Ownership, and Early Authentication in the IPv6 World
In the IPv6 world, the IP protocol itself, i.e., IPv6, is used for a number of functions that currently fall beyond the scope of the IPv4 protocol. These functions include address configuration, neighbour detection, router discovery, and others. It is either suggested to or required that IPsec is used to secure these functions. Furthermore, IPsec is used to protect a number of functions that are considered dangerous in the IPv4 world, including mobility management and source routing. Now, the currently prominent method for creating IPsec Security Associations, the Internet Key Exchange (IKE) protocol, is both relatively heavy and requires that the underlying IP stacks are already fully functional, at least to the point that UDP may be used. As a result, the combination of the widened responsibility of IPsec and the relative heavy weight of IKE creates a vicious cycle that is a potential source of various denial-of-service attacks. Additionally, if we want to use IPsec to secure IPv6 a...
Pekka Nikander
Added 30 Jul 2010
Updated 30 Jul 2010
Type Conference
Year 2001
Where SPW
Authors Pekka Nikander
Comments (0)