Cryptology ePrint Archive: Report 2013/387
Cryptographically Protected Prefixes for Location Privacy in IPv6
Jonathan Trostle and Hosei Matsuoka and James Kempf and Toshiro Kawahara and Ravi Jain
Abstract: There is a growing concern with preventing unauthorized agents from discovering the geographical location of Internet users, a kind of security called location privacy. Typical deployments of IPv6 make it possible to deduce the approximate geographical location of a device from its IPv6 address. We present a scheme called Cryptographically Protected Prefixes (CPP), to address this problem at the level of IPv6 addressing and forwarding. CPP randomizes the address space of a defined topological region (privacy domain), thereby making it infeasible to infer location information from an IP address.
CPP can be deployed incrementally. We present an adversary model and show that CPP is secure within the model, assuming the existence of pseudorandom functions. We have implemented CPP as a pre-processing step within the forwarding algorithm in the FreeBSD 4.8 kernel. Our performance testing indicates that CPP pre-processing results in a 40–50 percent overhead for packet forwarding in privacy domain routers. The additional end to end per packet delay is roughly 20 to 60 microseconds. We also give an attack against the address encryption scheme in [Raghavan et al. 2009]. We show that the CPP forwarding algorithm is resilient in the event of network failures.
Category / Keywords: applications / Network layer location privacy, address encryption, anonymity, IPv6, CPP
Publication Info: Expanded version of conference paper from 2004 Privacy Enhancing Technologies Workshop: Springer LNCS 3424, pp. 142-166
Date: received 13 Jun 2013
Contact author: jon49175 at yahoo com
Available format(s): PDF | BibTeX Citation
Version: 20130617:145030 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]