Security Enhancement of IPV6 Using Advance Encryption Stsndard and Diffie Hellman

Mohammad Amjad¹

¹ Faculty of Engineering and Technology, Jamia Millia Islamia, New Delhi. India.

Correspondence should be addressed to: mamjad@jmi.ac.in.

Section:Research Paper, Product Type: Journal
Vol.5 , Issue.3 , pp.182-187, Jun-2017

Online published on Jun 30, 2017

Copyright © Mohammad Amjad . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
 

View this paper at   Google Scholar | DPI Digital Library

XML View     PDF Download

How to Cite this Paper

1066 Views    407 Downloads    290 Downloads

Abstract :
The internet protocol version 6 was developed to extend and eventually replace IPV4s capabilities but it poses several significant security issues. The stress in this paper is to identify the vulnerabilities that come in IPV6 and how to remove those vulnerabilities. The default method for IPv6 address generation uses an Organizationally Unique Identifier (OUI) assigned by the IEEE Standards Association and an Extension Identifier assigned by the hardware manufacturer. For this reason a node will always have the same Interface ID whenever it connects to a new network. Because the nodes IP address does not change, the node will be vulnerable to privacy related attacks. To remove this issue along with other vulnerabilities I will use a mechanism that randomizing the interface ID during its generation and more importantly, the verification process. The interface ID is also enciphered by using Advance Encryption Standard (AES). To enhance the security cryptographic algorithm Diffie Hellman for authentication and AES algorithm for encryption and decryption process is used both for the address of IPV6 as well as the message generated by the sender and receiver using the services of IPV6. In the proposed method both the combination of AES and Diffie Hellman is used to ensure authenticity and remove susceptibility. The proposed method is implemented in C# on .NET platform to realize the method.

Key-Words / Index Term :
IPV6, Randomized Interface ID, AES, Diffie Hellman, Datagram, SLAAC, Duplicate address

References :
[1] M. Rostanski, M.; T. Mushynskyy, “Security Issues of IPv6 Network Autoconfiguration�. In Proceedings of the 12th International Conference on Computer Information Systems and Industrial Management Applications (CISIM 2013), Krakow, Poland,; Springer: Heidelberg, Germany, 2013; pp. 218–228, 25–27 September 2013.
[2] R. AlJaafreh; J.Mellor ; M. Kamala.; B. Kasasbeh, “Bi-directional Mapping System as a New IPv4/IPv6 Translation Mechanism�. In Proceedings of the Tenth International Conference on Computer Modeling and Simulation (UKSIM08), Cambridge, UK, IEEE Computer Society: Los Alamitos, CA, USA, 2008, pp. 40–45. 1–3 April 2008
[3] C. Medaglia and A. Serbanati, “An overview of privacy and security issues in the Internet of things,� In Proceedings of the 7th International Conference on The Internet of Things. New York, NY, USA: Springer-Verlag, 2010, pp. 389–395, 04th Jan 2010.
[4] S. Raza, S. Duquennoy, J. Hoglund, U. Roedig, and T. Voigt, “Secure communication for the Internet of Things—A comparison of link-layer security and IPsec for LoWPAN� International Journal of Security and Communication Network�, vol. 7, no. 12, pp. 2654–2668, Dec. 2014.
[5] Simone Cirani , Gianluigi Ferrari and Luca Veltri, “Enforcing Security Mechanisms in the IP-Based Internet of Things: An Algorithmic Overview� International Journal of Algorithm, Vol. 6, pp-197-226, February 2013.
[6] M. Brachmann, S. Keoh, O. G. Morchon, and S. S. Kumar, “End-to-end transport security in the IP-based Internet of things,� In Proceedings of the 21st International Conference on Computer and Communication. Network., 2012, pp. 1–5, 30th July -02 Auguts 2012.
[7] Tatipamula M. Grossetete P. Esaki H. "IPv6 Integration and Coexistence Strategies for Next-Generation Networks" IEEE Communications Magazine Vol. 42 No. 1 pp. 88-96, January 2004.
[8] Y. Qiu, J. Zhou, F. Bao, “Protecting All Traffic Channels in Mobile IPv6 Network�, IEEE Wireless Communications and Networking Conference 2004 (WCNC 2004), Atlanta, pp- 160-165, 21-25 March 2004.
[9] Varsha Alangar, Anusha Swaminathanm, “Ipv6 Security: Issue Of Anonymity�, International Journal Of Engineering And Computer Science IJECS, Volume 2 Issue 8 pp. 2486-2493, August, 2013
[10] Gelogo, Y. E. Caytiles, R. D. Park, B. “Threats and Security Analysis for Enhanced Secure Neighbor Discovery Protocol (SEND) of IPv6 NDP Security�, International Journal of Control and Automation, Vol. 4, No. 4. PP:179-184, December, 2011.
[11] M. Amjad, Wireless Network Security: Susceptibility, Extortion and Kiosk� International Journal of Computer Science and Engineering IJCSE, Volume-I , Issue-3, ISSN: 2347-2693,. pp 10-14, November 2013
[12] Harsh Bhasin , Neha Kathuria, “Cryptography Automata Based Key Generation�, International Journal of Scientific Research in Network Security and Communication, Vol.1, Issue.2, pp.15-17, June 2013.
[13] W. Stallings, “Cryptography and Network Security�: Principles and Practice, 3rd ed., Prentice Hall Print.,2003, India, pp 596-625
[14] Bruce Schneier, “Applied cryptography: Protocol and Algorithm�, 2nd Edition Wiley publication 2012, India, pp- 299-358
[15] Kaufman, c., Perlman, R., and Speciner, M., “Network Security, Private Communication in a public world�, 2nd ed., Prentice Hall Print, 2002. India, pp 252-315.
[16] Behrouz A Forouzan, “Cryptography and Network Security�, 2nd Edition McGraw Hill 2010, pp- 507-531