IZNAN HUSAINY HASBULLAH
Articles written in Sadhana
Volume 45 All articles Published: January 2020 Article ID 0033 Original Article (Computer Sciences)
Internet Protocol version 6 (IPv6) deployment continues to gain ground due to the increasing demand for IP addresses generated by the number of Internet facing devices, and it is compounded by the exhaustion of allocatable IPv4 addresses. Dynamic Host Configuration Protocol version 6 (DHCPv6) is used toallocate IPv6 addresses and distribute network configuration information to IPv6 hosts in a link-local network. However, DHCPv6 messages in transit expose identifiable information of the DHCPv6 client that could be usedby malicious users to track their victims. Additionally, the lack of an authentication mechanism leaves IPv6 hosts vulnerable to rogue DHCPv6 server attacks. This paper introduces DHCPv6 Authentication (DHCPv6Auth) mechanism to prevent rogue DHCPv6 server attacks and protect the privacy of IPv6 hosts.DHCPv6Auth uses the Ed25519 digital signature algorithm for authentication and could be used in conjunction with Anonymity Profile mechanisms for privacy protection. The DHCPv6Auth mechanism was compared withother mechanisms in terms of processing time, prevention of rogue DHCPv6 server attack, and protection of users’ privacy. The results show that it requires less processing time and traffic overhead than other authenticationmechanisms; is able to prevent rogue DHCPv6 server attacks; and provides better privacy protection for the IPv6 host than other authentication mechanisms to which it was compared.