Voucher-Based Addressing & Sessions: A Simple, Flexible, Privacy-Preserving Recipe for Mitigating IPv6 Neighbor Discovery Redirection Attacks
dc.contributor.author | Puhl, Zachary Tyler | |
dc.contributor.advisor | Guo, Jinhua | |
dc.date.accessioned | 2024-07-12T19:09:32Z | |
dc.date.issued | 2024-12-20 | |
dc.date.submitted | 2024-06-20 | |
dc.identifier.uri | https://hdl.handle.net/2027.42/194096 | |
dc.description.abstract | The vast majority of local IPv6 networks continue to remain insecure and vulnerable to neighbor spoofing attacks, a fearsomely practical attack vector formally described many years ago. The Secure Neighbor Discovery (SEND) standard and its concomitant Cryptographically Generated Addressing (CGA) scheme were introduced, revised, and adopted by large standards bodies to codify practical mitigations. Considering their poor adoption, much research since their acceptance has continued to find new perspectives and proffer new ideas. The orthodox solutions for securing Neighbor Discovery traffic have historically struggled to successfully harmonize three core ideals: simplicity, flexibility, and privacy preservation. This research introduces an alternative to IPv6 address generation methods that secures the Neighbor Discovery address resolution process while remaining highly adaptable, indistinguishable, and privacy-focused. Applying a unique concoction of cryptographic key derivation functions, hash chaining, link-layer address binding, and neighbor consensus on the parameters of address generation, local address ownership is verifiable without the need for techniques that have hindered the adoption of the canonical specifications. Voucher-Based Addressing and end-to-end Neighbor Discovery Sessions are presented as synergistic, low-configuration, low-cost, and high-impact specifications for securing local networks against neighbor spoofing attacks. | en_US |
dc.language.iso | en_US | en_US |
dc.subject | IPv6 | en_US |
dc.subject | Security | en_US |
dc.subject | Networking | en_US |
dc.subject | NDP | en_US |
dc.subject | Neighbor Discovery | en_US |
dc.subject | Spoofing | en_US |
dc.subject | Privacy | en_US |
dc.subject.other | Computer and Information Science | en_US |
dc.title | Voucher-Based Addressing & Sessions: A Simple, Flexible, Privacy-Preserving Recipe for Mitigating IPv6 Neighbor Discovery Redirection Attacks | en_US |
dc.type | Thesis | en_US |
dc.description.thesisdegreename | Master of Science (MS) | en_US |
dc.description.thesisdegreediscipline | Computer and Information Science, College of Engineering & Computer Science | en_US |
dc.description.thesisdegreegrantor | University of Michigan-Dearborn | en_US |
dc.contributor.committeemember | Ma, Di | |
dc.contributor.committeemember | Eshet, Birhanu | |
dc.identifier.uniqname | zpuhl | en_US |
dc.description.bitstreamurl | http://deepblue.lib.umich.edu/bitstream/2027.42/194096/1/Puhl_Thesis_Voucher_Based_Addressing.pdf | |
dc.identifier.doi | https://dx.doi.org/10.7302/23540 | |
dc.description.mapping | febc42ae-d444-43ae-98fd-dc98ee638897 | en_US |
dc.identifier.orcid | 0009-0001-6955-8104 | en_US |
dc.description.filedescription | Description of Puhl_Thesis_Voucher_Based_Addressing.pdf : Dissertation | |
dc.working.doi | 10.7302/23540 | en_US |
dc.owningcollname | Dissertations and Theses (Ph.D. and Master's) |
Files in this item
Remediation of Harmful Language
The University of Michigan Library aims to describe library materials in a way that respects the people and communities who create, use, and are represented in our collections. Report harmful or offensive language in catalog records, finding aids, or elsewhere in our collections anonymously through our metadata feedback form. More information at Remediation of Harmful Language.
Accessibility
If you are unable to use this file in its current format, please select the Contact Us link and we can modify it to make it more accessible to you.