Documente Academic
Documente Profesional
Documente Cultură
Outlines
IPv6 Background Address Space and Notation IPv4 packet format details IPv6 packet format IPv6 Issues IPv4 security issues IPv6 security improvements Authentication Headers Encapsulating Security Payload
IPv6 Background
1. Internet Protocol version 6 (IPv6) is a version of the Internet Protocol (IP). 2. Growth of the Internet has created a need for more addresses than are possible with IPv4. 3. Severe shortage of IP addresses causes limited growth for exiting users 4. IETF started effort to specify new version of IP in 1991 1. New version would require change of header 2. Include all modifications in one new protocol 3. Solicitation of suggestions from community
Standard representation is set of eight 16-bit values separated by colons E.g.. 47CD:1234:3200:0000:0000:4325:B792:0428
If there are large number of zeros, they can be omitted with series of colons 1. E.g.. 47CD:1234:3200::4325:B792:0428
5
Ident
Flags
Offset
TTL
Protocol
Checksum
SourceAddr
Options (variable)
SourceAddr (4 words)
DestinationAddr (4 words)
5. Payload length does not include header limits packets to 64KB 6. Hop limit = TTL field 7. Next header combines options and protocol
1. If there are no options then Next Header is the protocol field 2. E.g. routing, fragmentation, authentication encryption
IPv6 Issues
1. 2. 3. 4. 5. Is security necessary in IP? Hop limit: is 65536 necessary? Is the checksum necessary? How do servers handle both types of packets? Address length: usable addresses vs. overhead
IPv6 Security[1]
1. IPv6 uses IPSec in all the nodes. 2. IPSec consists of set of cryptographic protocols provides for securing data communication and key exchange. IPSec uses 2 protocols 1. Authentication Header (AH) 2. Encapsulating Security Payload (ESP)
10
11
12
1.Transport Mode 2.Tunnel Mode But in IPv6 there is no need for a tunnel mode because both the AH and ESP protocols provide enough functionality to secure IPv6 traffic.
13
References
[1]Samuel Sotillo, East Carolina University IPv6 Security Issues May 2005. [2] http://en.wikipedia.org/wiki/IPsec [3] http://publib.boulder.ibm.com/infocenter/iseries. [4] en.wikipedia.org/wiki/IPv6.
14