Privacy is Not an Option: Attacking the IPv6 Privacy Extension

J. Ullrich, E. Weippl:
"Privacy is Not an Option: Attacking the IPv6 Privacy Extension";
Vortrag: 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Kyoto, Japan; 02.11.2015 - 04.11.2015; in:"Proceedings of the 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)", Springer Lecture Notes in Computer Science, (2015), S. 448 - 468.

[ Publication Database ]

Abstract:


The IPv6 privacy extension introduces temporary addresses
to protect against address-based correlation, i. e., the attribution of different transactions to the same origin using addresses, and is considered as state-of-the-art mechanism for privacy protection in IPv6. In this paper, we scrutinize the extension's capability for protection by analyzing its algorithm for temporary address generation in detail. We develop an attack that is based on two insights and shows that the notion of protection is false: First, randomization is scarce and future identifiers can be predicted once the algorithm's internal state is known. Second, a victim's temporary addresses form a side channel and allow an adversary to synchronize to this internal state. Finally, we highlight mitigation strategies, and recommend a revision of the extension's specification.