Exposing potential privacy issues with IPV6 address construction
Document Type
Conference Proceeding
Publisher
Security Research Institute, Edith Cowan University
Faculty
Faculty of Computing, Health and Science
School
ECU Security Research Institute
RAS ID
14591
Abstract
The usage of 128 bit addresses with hexadecimal representation in IPv6 poses significant potential privacy issues. This paper discusses the means of allocating IPv6 addresses, along with the implications each method may have upon privacy in different usage scenarios. The division of address space amongst the global registries in a hierarchal fashion can provide geographical information about the location of an address, and its originating device. Many IPv6 address configuration methods are available, including DHCPv6, SLAAC (with or without privacy extensions), and Manual assignment. These assignment techniques are dissected to expose the identifying characteristics of each technique. It is seen that use of the modified EUI-64 in SLAAC can allow agents to simply decipher an interface’s MAC address over layer 3 communications, whilst discernable patterns can be used to identify the presence of DHCPv6 or manual address assignment. Additionally, the frequency and lifetime of unique addresses originating from a single network prefix may allude to privacy addresses in use within the network. Together these issues pose a risk to the privacy of IPv6 users, as it may allow for tracking of users of portable network devices.
DOI
10.4225/75/57b556f5cd8d7
Access Rights
free_to_read
Comments
Carpene, C. R., & Woodward, A. J. (2012). Exposing potential privacy issues with IPV6 address construction. Proceedings of Australian Information Security Management Conference. (pp. 44-50). Western Australia. Perth, Western Australia. Security Research Institute, Edith Cowan University. Available here.