RFC 3756 (rfc3756) - Page 1 of 23





Network Working Group                                   P. Nikander, Ed.
Request for Comments: 3756                 Ericsson Research Nomadic Lab
Category: Informational                                         J. Kempf
                                                         DoCoMo USA Labs
                                                             E. Nordmark
                                           Sun Microsystems Laboratories
                                                                May 2004


         IPv6 Neighbor Discovery (ND) Trust Models and Threats

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).  All Rights Reserved.

Abstract

   The existing IETF standards specify that IPv6 Neighbor Discovery (ND)
   and Address Autoconfiguration mechanisms may be protected with IPsec
   Authentication Header (AH).  However, the current specifications
   limit the security solutions to manual keying due to practical
   problems faced with automatic key management.  This document
   specifies three different trust models and discusses the threats
   pertinent to IPv6 Neighbor Discovery.  The purpose of this discussion
   is to define the requirements for Securing IPv6 Neighbor Discovery.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
       1.1. Remarks . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2.  Previous Work. . . . . . . . . . . . . . . . . . . . . . . . .  4
   3.  Trust Models . . . . . . . . . . . . . . . . . . . . . . . . .  4
       3.1. Corporate Intranet Model. . . . . . . . . . . . . . . . .  5
       3.2. Public Wireless Network with an Operator. . . . . . . . .  6
       3.3. Ad Hoc Network. . . . . . . . . . . . . . . . . . . . . .  7
   4.  Threats on a (Public) Multi-Access Link. . . . . . . . . . . .  8
       4.1. Non router/routing related threats. . . . . . . . . . . .  9
            4.1.1. Neighbor Solicitation/Advertisement Spoofing . . .  9
            4.1.2. Neighbor Unreachability Detection (NUD) failure. . 10
            4.1.3. Duplicate Address Detection DoS Attack . . . . . . 11
       4.2. Router/routing involving threats. . . . . . . . . . . . . 12
            4.2.1. Malicious Last Hop Router. . . . . . . . . . . . . 12



Nikander, et al.             Informational