
Cryptographically Generated Addresses (CGA) (RFC3972)

IP.com Disclosure Number: IPCOM000099094D
Original Publication Date: 2005-Mar-01
Included in the Prior Art Database: 2005-Mar-12
Document File: 23 page(s) / 51K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

T. Aura: AUTHOR

Abstract

This document describes a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery (SEND) protocol. Cryptographically Generated Addresses (CGA) are IPv6 addresses for which the interface identifier is generated by computing a cryptographic one-way hash function from a public key and auxiliary parameters. The binding between the public key and the address can be verified by re-computing the hash value and by comparing the hash with the interface identifier. Messages sent from an IPv6 address can be protected by attaching the public key and auxiliary parameters and by signing the message with the corresponding private key. The protection works without a certification authority or any security infrastructure.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 5% of the total text.

Network Working Group                                            T. Aura
Request for Comments: 3972                            Microsoft Research
Category: Standards Track                                     March 2005

              Cryptographically Generated Addresses (CGA)

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).


Aura                        Standards Track                     [Page 1]

RFC 3972         Cryptographically Generated Addresses        March 2005

Table of Contents

   1.  Introduction
   2.  CGA Format
   3.  CGA Parameters and Hash Values
   4.  CGA Generation
   5.  CGA Verification
   6.  CGA Signatures
   7.  Security Considerations
       7.1.  Security Goals and Limitations
       7.2.  Hash Extension
       7.3.  Privacy Considerations
       7.4.  Related Protocols
   8.  IANA Considerations
   9.  References
       9.1.  Normative References

    ...