IETF Logo Mail Archive

Re: Address privacy

Gyan Mishra <hayabusagsm@gmail.com> Mon, 27 January 2020 01:39 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE43E120100 for <ipv6@ietfa.amsl.com>; Sun, 26 Jan 2020 17:39:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lj_slabTYxhZ for <ipv6@ietfa.amsl.com>; Sun, 26 Jan 2020 17:39:16 -0800 (PST)
Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 634711200EB for <ipv6@ietf.org>; Sun, 26 Jan 2020 17:39:16 -0800 (PST)
Received: by mail-io1-xd2e.google.com with SMTP id n21so8208096ioo.10 for <ipv6@ietf.org>; Sun, 26 Jan 2020 17:39:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=WRxfXTNX4onguLOy7qGA33Ys7B6LQ6F06pl0sqyJiPM=; b=gYtXuCwDbSIahqC0pZzpXpl+7VN8fRctc+wnZyQPIRgBUTdMJDQ82V85ubX3iUEexA m+mCXf545aOK5HwByk65OgIAbe2/kDrQllfWzcCGztkF5p+T8h5jw9lu4OdmSa6T5PLh IffZ94PkBkN1BXLrHrOgBaWPo1vqw95unqTx04jXRIkrcx8pb1REusdyirmDwms9ghx4 e+e4cgDSjKaQTbTH8fCJvUBBRWo7nbn/yK4HJ39VkqIV+Nt9t2UMNvE/zcLLOnA+BUYe NCVqk7SERdBkcAbuoQaqvkL4RMey//yxVeV6R3/3N165spnIwCJeMJICxJsqj8PZtNLX AJUw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=WRxfXTNX4onguLOy7qGA33Ys7B6LQ6F06pl0sqyJiPM=; b=c/1L0wol4+3GUJJjHE+lM/O4b9rP7N0aGYLmHibQHJJ26nx0Fs5tka/byAEFDrSdPU OpzeIFy8iNo8mHPaqAIl6SZ4pkFiMSAzjN2B1RUi2K7PnCRfbQDzcayTLJsyaOGoAyxH bcXEu8uXH1rnZqW/7qOOxOXK0q6HQPENv50AeluPLYq3CzE9NT8x9OjIHP3prJg/Zz5o iV9lCV5XL0q+eSnEK9lz6M7MdPN3Vsxfwe3fkMqLx9Nxi+rfCRq1YUuT7opxOv54S0SR USKcnxlZ9nEm+u58y94C3iPP32OzSIB5O3xzkh86ds7C6K1zX+pFCuWHJRaIWqduBqwe NpJw==
X-Gm-Message-State: APjAAAXIHelRkNIEhM2YN/WCnf4RFMFn5jML3ictF9aEt8pogiONOVjS 91S5wJ6I/V3c9Ke5rBOZRd1QUg9mGcFRQjdOz5Q=
X-Google-Smtp-Source: APXvYqx0kWO2vNMYmnojfmYKwxJJHX+aZaFC4gN4sx1Zncuw/twKBHFl8+iF2+i0gSEv6qBHhUlT5e+UrV9AS2O0Gx4=
X-Received: by 2002:a5e:8505:: with SMTP id i5mr10223973ioj.158.1580089155531; Sun, 26 Jan 2020 17:39:15 -0800 (PST)
MIME-Version: 1.0
References: <6f2a8e5a-a4f6-219b-d7c8-ba79ed257785@huitema.net> <233CE79D-B9BF-4335-8568-D178BD10CEAC@puck.nether.net> <CABNhwV2faDm=8t8KqNVJ5rWkU8or=0pyGmN8D8OyWj1S9ujVhg@mail.gmail.com> <CABNhwV2gY71PrjWQBUdtCU2Og_R3QawLNcANgVmov_3vJz4CvQ@mail.gmail.com> <31ec4e557f8846599f1161ccdf86348b@boeing.com> <18573398-e564-d7a4-d35c-fe72f117362b@gmail.com> <CABNhwV2AnPC++SzRSRwPWX_x8hU91cQAdgpvEKVAd8DbU--PcQ@mail.gmail.com>
In-Reply-To: <CABNhwV2AnPC++SzRSRwPWX_x8hU91cQAdgpvEKVAd8DbU--PcQ@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Sun, 26 Jan 2020 20:39:04 -0500
Message-ID: <CABNhwV1pyFjW0FRPCwcNFwGQ-RbJMRVP=8QNmffG4TtzeGPORg@mail.gmail.com>
Subject: Re: Address privacy
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: 6man WG <ipv6@ietf.org>, "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>
Content-Type: multipart/alternative; boundary="000000000000d438de059d152c7d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/z9ldkiOmMTpw99rL76NKeLQqlJ8>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jan 2020 01:39:19 -0000

On Sun, Jan 26, 2020 at 7:05 PM Gyan Mishra <hayabusagsm@gmail.com> wrote:

>
> On Sun, Jan 26, 2020 at 5:00 PM Brian E Carpenter <
> brian.e.carpenter@gmail.com> wrote:
>
>> On 27-Jan-20 10:39, Manfredi (US), Albert E wrote:
>> ....
>> > This seems like a good default, no? The business about "privacy"
>> concerns not so much the type of privacy that data encryption would
>> provide, but rather, being able to track an individual in his/her travels.
>> Changing the IID only when the prefix changes should prevent that well
>> enough?
>>
>> The IID is normally set *before* the host generates its Link Local
>> address, which is normally before it starts to listen for RAs from which it
>> will learn the current prefix(es).
>>
>> So you'd have to make the IID for SLAAC independent of the IID for LL
>> (which is of course exactly what RFC4941 does).
>
>
>   Gyan>  Agreed.  So the happy medium achieved for two camps on opposite
> ends of the spectrum.
>
> 1.  End user privacy on mobile device connected at home or
>
> 2.  End user privacy within an enterprise- non existent as IT security and
> availability for mission critical applications -IPv6 stability and tracking
> ability is the primary objective.
>
> Happy medium achieved:
> For both scenarios following RFC 4941 disabling the temporary address and
> keeping the modified EUI-64 random IID - provides both privacy with MD5
> randomized IID - and with the IID only changing with mobility when you
> receive an new RA for SLAAC with mobility from a different subnet which is
> what we want from and IT stability perspective.  If you reboot with
> permanent storage as most devices have the IID does not change as long as
> the prefix is the same.
>
> Gyan> Is anyone aware of this vulnerability with RFC 4941 privacy
> algorithm stated below in this RIPE blog.   From this blog it appears that
> OS vendors are using a random number instead thus providing a sufficient
> level of protection.
>

https://labs.ripe.net/Members/johanna_ullrich/ipv6-addresses-security-and-privacy

RFC 4941 <https://tools.ietf.org/html/rfc4941> specifies however a
vulnerable algorithm for the Privacy Extension's interface identifier
generation. Adversaries are able to gain the algorithm's internal state via
a side channel, and predict all future addresses of a host afterwards
contradicting the intended privacy protection. The algorithm has not been
officially revised yet; nevertheless operating systems implementing the
IPv6 Privacy Extension appear to use random numbers instead and thus
provide a sufficient level of protection. Initially, the temporary
addresses of the Privacy Extension have been intended to be assigned in
addition to some sort of static addresses; nowadays, they are also assigned
in absence of static addresses. The latter fact significantly improves
protection against active scanning: the adversary now has to find the
(random or pseudo-random) temporary address instead of the static one which
is a more tedious task.

>
Kind Regards

>
>
>>
>>    Brian
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
>>
> --
>
> Gyan  Mishra
>
> Network Engineering & Technology
>
> Verizon
>
> Silver Spring, MD 20904
>
> Phone: 301 502-1347
>
> Email: gyan.s.mishra@verizon.com
>
>
>
> --

Gyan  Mishra

Network Engineering & Technology

Verizon

Silver Spring, MD 20904

Phone: 301 502-1347

Email: gyan.s.mishra@verizon.com

v2.23.0 | Report a Bug | By Email