Hosnieh Rafiee
Hasso Plattner Institute
Publication
Featured research published by Hosnieh Rafiee.
security of information and networks | 2011
Hosnieh Rafiee; Ahmad Alsa'deh; Christoph Meinel
Neighbor Discovery Protocol (NDP) is an essential protocol in the IPv6 suite, but it is known to be vulnerable to critical attacks. Thus, SEcure Neighbor Discovery (SEND) is proposed to counter NDP security threats. Unfortunately, operating systems lack sophisticated implementations of SEND. There is limited success with SEND implementation for Linux and BSD, and no implementation for Windows families. Therefore, the majority of users are not secured with SEND. In this paper, we will introduce an implementation of SEND for Windows families (WinSEND). WinSEND is a user-space application which provides protection for NDP in Windows. It has direct access to the Network Interface Card (NIC) and efficiently handles NDP messages by using Winpcap. WinSEND works as a service with an easy user interface to set the security parameters for the selected NIC.
international conference on information networking | 2012
Ahmad Alsa'deh; Hosnieh Rafiee; Christoph Meinel
Cryptographically Generated Addresses (CGA) are employed as an authentication mechanism in IPv6 networks to realize the proof of address ownership without relying on any trust authority. The security parameter (Sec) indicates the security level of the CGA address. For a Sec value greater than zero, there is no guarantee that the brute-force search stops after a certain time. The address generator tries different values of Modifier until the (16×Sec) leftmost bits of the second hash (Hash2) are zero. This paper proposes some modifications to the standard CGA “RFC 3972” in order to limit the time that CGA generation may take. The modified CGA generation algorithm takes the upper bound of CGA running time as an input and the Sec value is determined as an output of the brute-force computations. The modified CGA keeps track of the best Hash2 value found during the running time. The paper also proposes to reduce the granularity of the security level from “16” to “8”, to increase the chance of obtaining a better Sec value within the time limit. We call the modified CGA Time-Based CGA (TB-CGA). The implementation and evaluation of TB-CGA are done in this paper.
international conference on information networking | 2012
Hosnieh Rafiee; Ahmad Alsa'deh; Christoph Meinel
SEcure Neighbor Discovery (SEND) is proposed to counter IPv6 Neighbor Discovery Protocol (NDP) security threats. However, SEND is compute-intensive. Fulfilling the Hash2 condition in Cryptographically Generated Addresses (CGA) is the main heavy part of SEND. Unfortunately, CGA computation cannot see significant speed improvement when it runs on a multicore machine because the CGA generation algorithm is sequential. In this paper, we propose a multicore-based high performance SEND implementation for Windows families to speed up SEND computations. The proposed approach automatically detects the number of processors available on a machine and creates an equivalent number of working threads to compute the Hash2 condition. The parallelization mechanism is implemented to assign CGA computation to all the cores. When one thread satisfies the CGA Hash2 condition, the others stop. With the parallel approach, the speedup time has been increased extremely by increasing the number of cores in the computing device. Besides the parallelization, we extend the SEND implementation to generate the key pair for the CGA algorithm on-the-fly to enhance the security and to protect the privacy.
Proceedings of the International Workshop on Adaptive Security | 2013
Konrad-Felix Krentz; Hosnieh Rafiee; Christoph Meinel
6LoWPAN is a protocol stack for seamlessly integrating 802.15.4-based wireless sensor networks with IPv6 networks. The security of 6LoWPAN widely depends on the 802.15.4 security sublayer. This sublayer also supports pairwise keys so as to mitigate node compromises. Currently, the establishment of pairwise keys is however unspecified. Moreover, broadcast keys are shared among multiple nodes, which is not compromise resilient. In this paper, we propose two energy-efficient and DoS-resilient 802.15.4 add-ons to fill these gaps: First, a pairwise key establishment scheme, which is adaptable to different 6LoWPAN networks and threat models. Second, an easy-to-implement and compromise-resilient protocol for authenticating broadcast frames. Together, our add-ons contain the effects of node compromises and provide a basis for detecting compromised nodes autonomously. We implemented both add-ons in Contiki and tested them on TelosB motes.
conference on privacy, security and trust | 2013
Hosnieh Rafiee; Christoph Meinel
The default method for IPv6 address generation uses an Organizationally Unique Identifier (OUI) assigned by the IEEE Standards Association and an Extension Identifier assigned by the hardware manufacturer (RFC 4291). For this reason a node will always have the same Interface ID (IID) whenever it connects to a new network. Because the node's IP address does not change, the node will be vulnerable to privacy-related attacks. Currently this problem is addressed by the use of two mechanisms that do not use MAC addresses or other unique values for randomizing the IID during its generation: Cryptographically Generated Addresses (CGA) (RFC 3972) and Privacy Extension (RFC 4941). The problem with the former approach is the computational cost involved in the IID generation and, more importantly, the verification process. The problem with the latter approach is the lack of necessary security mechanisms and that it provides the node with only partial protection against privacy-related attacks. This document proposes the use of a new algorithm in the generation of the IID to reduce computational cost while, at the same time, securing the node against some types of attack, like IP spoofing. These attacks are prevented by the addition of a signature to messages sent over the network and by direct use of a public key in the IP address.
foundations and practice of security | 2012
Ahmad Alsa'deh; Hosnieh Rafiee; Christoph Meinel
Included in the IPv6 suite is a method for devices to automatically configure their own addresses in a secure manner. This technique is called Cryptographically Generated Addresses (CGAs). CGA provides the ownership proof necessary for an IPv6 address without relying on any trust authority. However, the computational cost of CGAs is very high, especially for a high security level defined by the security parameter (Sec). Therefore, the high cost of address generation may keep hosts that use high Sec values from changing their addresses on a frequent basis. This results in hosts still being susceptible to privacy-related attacks. This paper proposes modifications to the standard CGA to make it a more applicable security approach while protecting user privacy. We make CGA more privacy-conscious by changing addresses over time, which protects users from being tracked. We propose to reduce the CGA granularity of the security level from 16 to 8. We believe that a granularity of 8 is more feasible for use in most applications and scenarios. These extensions to the standard CGA are implemented and evaluated.
computer and information technology | 2012
Ahmad Alsa'deh; Hosnieh Rafiee; Christoph Meinel
Cryptographically Generated Addresses (CGAs) were mainly designed to prove address ownership and to prevent the theft of existing IPv6 addresses by binding the owner's public key to the generated address. The address owner uses a corresponding private key to prove its ownership by using signed messages that are originated from that address. Though the CGA approach is quite useful in providing a means of proving address ownership in IPv6 networks, it does have some limitations and some vulnerabilities. In this paper we will provide a security analysis and descriptions of possible ways of attacking CGA. We found that the CGA verification process is prone mainly to Denial-of-Service (DoS) attacks. We also found that CGAs are still susceptible to privacy-related attacks. We will therefore propose some extensions to the CGA standard verification algorithm to mitigate DoS attacks and to make CGA more privacy-conscious.
security of information and networks | 2013
Hosnieh Rafiee; Christoph Meinel
Privacy is a very important element in everyone's everyday life. Most users would not like to have their data exposed to other people on the Internet. The initial approach used for attacking a user's privacy and security is done by scanning the nodes on a network. This gives an attacker the ability to obtain the IP addresses in use by this node so that this information can then be used to initiate further attacks against this node, such as tracking them via their IP address across the networks, and then, later correlating the user's activities with his IP address. The first attempt by the Internet Engineering Task Force (IETF) to protect a user's privacy was defined in the Privacy Extension RFC [13]. Unfortunately this RFC has some deficiencies which make its use vulnerable to privacy-related attacks. To address this problem, and solve the deficiencies that exist with the use of this RFC, we introduce our new algorithm, which not only maintains a node's lifetime, but also provides a user with a method for randomized Interface ID (IID) generations.
network computing and applications | 2013
Hosnieh Rafiee; Christoph Meinel
The Domain Name System (DNS) is an essential part of the Internet on whose function many other protocols rely. One key DNS function is Dynamic Update, which allows hosts on the network to make updates to DNS records dynamically, without the need for restarting the DNS service. Unfortunately, this dynamic process does expose DNS servers to security issues. To address these issues two protocols were introduced: Transaction Signature (TSIG) and Domain Name System Security Extensions (DNSSEC). In Internet Protocol version 4 (IPv4) networks, using these protocols eliminated security issues. In Internet Protocol version 6 (IPv6), however, there is an issue with the DNS authentication process when using the Stateless Address Auto Configuration (SLAAC) mechanism (new to IPv6, nonexistent in IPv4). This authentication issue occurs when a node wants to update its resource records on a DNS server, during the DNS update process, or when a client wants to authenticate a DNS resolver to ensure that the DNS response does not contain a spoofed source address or message. In this paper we propose the use of a new mechanism which makes use of asymmetric cryptography to establish a trust relationship with the DNS server. We also consider the use of the current security parameters used to generate IPv6 addresses in a secure manner, i.e. Secure Neighbor Discovery (SeND), for assuring clients and DNS servers that the one they are communicating with is the real owner of this IP address. Since we are extending the RDATA field within the TSIG protocol to accommodate these new security parameters, we will call this new mechanism the CGA-TSIG algorithm.
security of information and networks | 2013
Hosnieh Rafiee; Christoph Mueller; Lukas Niemeier; Jannik Streek; Christoph Sterz; Christoph Meinel
Security has recently become a very important concern for entities using IPv6 networks. This is especially true with the recent news reports where governments and companies have admitted to credible cyber attacks against them in which confidential information and the security of data have been compromised. In this paper we will introduce a flexible framework that can be used for penetration testing of IPv6 networks. Due to the large address space in each of the IPv6 subnets, the traditional scanning approaches do not work. Here we introduce our new scanning algorithm which will find the IPv6 nodes on the Internet which are using Domain Name System (DNS) servers. Our implementation results showed that the use of the DNS Security Extension (DNSSEC) with NSEC3 [4], which is a new and promising approach for the prevention of zone walking, was not able to prevent us from gathering information about nodes on different networks.