Privacy Extensions for Stateless Address Autoconfiguration in IPv6

Stateless address autoconfiguration defines the mechanism for a IPv6 node to generate an address without the need of an external DHCP server based on the interface identifier. In the case of Ethernet the Interface Identifier is based on the EUI-64 identifier derived from the interface’s built-in 48-bit IEEE 802 address (MAC address). The IPv6 address generated via Stateless Autoconfiguration contains the same interface identifier regardless of the location the mobile node is attached to the Internet. RFC3041 presents a privacy extension to Stateless Autoconfiguration based on the idea of generating random interface identifiers periodically. The paper introduces the concept of “unobservability” of the privacy extension and studies in which scenarios a third party will be able to determine with high probability if a node is running RFC3041 or not. The paper shows the privacy implications of the universal/local bit of the current IPv6 addressing architecture and presents a set of suggested changes to enhance privacy.