{"title":"IPv6 Cryptographically Generated Address: Analysis and Optimization","authors":"Junaid Latief Shah, J. Parvez","doi":"10.1145/2979779.2979781","DOIUrl":null,"url":null,"abstract":"Cryptographically generated address (CGA) is a prime inherent element of SEND protocol introduced in IPv6.CGA works without relying on any trusted third party authority or Public Key Infrastructure (PKI).CGA find their application in proving address ownership and prevent spoofing or theft of IPv6 addresses by binding senders public key with the generated address. Though CGA is a promising technique and offers substantial amount of security, it does possess some limitations and performance bottlenecks. CGA is computationally intensive determined by the security parameter 'sec' and bandwidth gobbling due to use of RSA keys. For a higher value of 'sec', there is no guarantee on termination of brute force search for modifier. This paper evaluates the performance and discusses possible techniques that can be used in optimizing the use of IPv6 CGA. The techniques discussed are the possible modifications to the standard RFC 3972.These include reducing the granularity factor of sec from 16 to 8, replacing RSA with ECC and ECSDSA, using SHA-256 hash function instead of SHA-1 and including subnet prefix in the calculation of CGA. The paper also compares the modified CGA with standard CGA and advocates the reasons for incorporating these changes so that enhanced hybrid version of CGA can be obtained.","PeriodicalId":298730,"journal":{"name":"Proceedings of the International Conference on Advances in Information Communication Technology & Computing","volume":"29 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the International Conference on Advances in Information Communication Technology & Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2979779.2979781","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8
Abstract
Cryptographically generated address (CGA) is a prime inherent element of SEND protocol introduced in IPv6.CGA works without relying on any trusted third party authority or Public Key Infrastructure (PKI).CGA find their application in proving address ownership and prevent spoofing or theft of IPv6 addresses by binding senders public key with the generated address. Though CGA is a promising technique and offers substantial amount of security, it does possess some limitations and performance bottlenecks. CGA is computationally intensive determined by the security parameter 'sec' and bandwidth gobbling due to use of RSA keys. For a higher value of 'sec', there is no guarantee on termination of brute force search for modifier. This paper evaluates the performance and discusses possible techniques that can be used in optimizing the use of IPv6 CGA. The techniques discussed are the possible modifications to the standard RFC 3972.These include reducing the granularity factor of sec from 16 to 8, replacing RSA with ECC and ECSDSA, using SHA-256 hash function instead of SHA-1 and including subnet prefix in the calculation of CGA. The paper also compares the modified CGA with standard CGA and advocates the reasons for incorporating these changes so that enhanced hybrid version of CGA can be obtained.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
