Atkinson, R., "IPv6 Authentication Header", Work in Progress, Naval Research Lab, February 1995.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....the ability for a receiver to prove the sender of a packet actually sent it, although they may claim they did not. At the time of this writing, keyed MD5 is the default authentication algorithm for IPv6 and does not support non repudiation, as it is a symmetric authentication algorithm. [6] Authentication via the IPv6 authentication header is worthwhile for a number of reasons. It puts the burden of authentication in the hands of the sender and is as strong (or a weak) as the authentication algorithm used. Although MD5 with 128 bit keys is the least required authentication ....

Atkinson, R., "IPv6 Authentication Header." Internet Draft, February 16, 1995.

.... revision in 14 years [24] As part of that revision, the new IP (IPv6, 12] proposes a number of required options that were not required in the previous IP (IPv4, 24] This paper describes a performance analysis of MD5 [28] the proposed required optional authentication algorithm in IPv6 [1]. Analysis indicates that MD5 may not adhere to the performance criterion of IPv6 [23] and thus its mandate as the default for a required option in IPv6 should be reconsidered. This paper is organized as follows: An overview of MD5 and its relevance to IPv6. Measurements of MD5 s reference ....

....not be implemented to conform to the standard, but required options must be implemented, but can still be enabled or disabled on individual packets. Authentication is a required option in IPv6. The authentication option allows per packet specification of the particular authentication algorithm [1]. In keeping with the required option spirit, one algorithm is required to be implemented. The IPv6 authentication mechanism proposes MD5 as its required algorithm. Internet RFCs and Internet Drafts regarding authentication do not address performance issues (as a rule) Notable exceptions are ....

[Article contains additional citation context not shown here]

Atkinson, R., "IPv6 Authentication Header," (working draft - draft-ietf-ipngwg-auth-00.txt), February 1995.

....in the following section. For more information on IPv6 the reader is referred to the IPv6 internet drafts [26] and [25] which present a detailed overview of the protocol. 3.4.1 Security Mechanisms IPv6 proposes two security mechanisms. These mechanisms are: ffl The authentication header(AH)[28]. The AH provides a check for data integrity and authentication of contents but does not encrypt the data in any way. Hence there is no confidentiality provided by this mechanism. ffl Encapsulating Security Payload (ESP) 29] The ESP can provide authentication and data integrity but its main ....

....must ignore the unused trailing bits. The other fields in the AH include the Next Payload descriptor which specifies the contents of the datagram following the AH and the Length field (8 bits) which specifies the length of the authentication data in 64 bit double words. The current draft standard[28] specifies that the reserved bits must be set to zero when the datagram is transmitted. The authentication data is normally generated using an appropriate message digest algorithm such as MD5[13] Support of keyed MD5 is mandatory in the current IAB draft standard as is manual distribution of ....

R. Atkinson, "IPv6 authentication header," Internet Draft, Internet Activites Board, August 1994. Available from ftp:munnari.oz.au /internet-drafts/draft-ietf-sipp-ap04. txt.Z.

No context found.

Atkinson, R., "IPv6 Authentication Header", Work in Progress, Naval Research Lab, February 1995.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC