Privacy is Not an Option: Attacking the IPv6 Privacy Extension

  • Johanna UllrichEmail author
  • Edgar Weippl
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9404)


The IPv6 privacy extension introduces temporary addresses to protect against address-based correlation, i.e., the attribution of different transactions to the same origin using addresses, and is considered as state-of-the-art mechanism for privacy protection in IPv6. In this paper, we scrutinize the extension’s capability for protection by analyzing its algorithm for temporary address generation in detail. We develop an attack that is based on two insights and shows that the notion of protection is false: First, randomization is scarce and future identifiers can be predicted once the algorithm’s internal state is known. Second, a victim’s temporary addresses form a side channel and allow an adversary to synchronize to this internal state. Finally, we highlight mitigation strategies, and recommend a revision of the extension’s specification.


Mobile Node Medium Access Control Hash Function Coffee Shop Attack Scenario 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



The authors thank Peter Wurzinger, Dimitris E. Simos, Georg Merzdovnik and Adrian Dabrowski for many fruitful discussions. This research was funded by P 842485 and COMET K1, both FFG - Austrian Research Promotion Agency.


  1. 1.
    Landau, S.: Making sense from snowden: what’s significant in the NSA surveillance relevations. IEEE Secur. Priv. Mag. 4, 54–63 (2013)CrossRefGoogle Scholar
  2. 2.
    Landau, S.: Making sense from snowden, part II: what’s significant in the NSA surveillance relevations. IEEE Secur. Priv. Mag. 1, 62–64 (2014)CrossRefGoogle Scholar
  3. 3.
    Leber, J.: Amazon Woos Advertisers with What It Knows about Consumers, January 2013.
  4. 4.
    Blue, V.: Facebook turns user tracking ‘bug’ into data mining ‘feature’ for advertisers, June 2014.
  5. 5.
    Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., Morris, J., Hansen, M., Smith, R.: Privacy Considerations for Internet Protocols, RFC 6973, July 2013Google Scholar
  6. 6.
    Hinden, R., Deering, S.: IP Version 6 Addressing Architecture, RFC 4291, February 2006Google Scholar
  7. 7.
    Narten, T., Draves, R., Krishnan, S.: Privacy Extensions for Stateless Address Autoconfiguration in IPv6, RFC 4941, September 2007Google Scholar
  8. 8.
    Ullrich, J., Krombholz, K., Hobel, H., Dabrowski, A., Weippl, E.: IPv6 security: attacks and countermeasures in a nutshell. In: USENIX Workshop on Offensive Technologies (WOOT). USENIX Association, San Diego, CA, August 2014.
  9. 9.
    Thomson, S., Narten, T., Jinmei, T.: IPv6 Stateless Address Autoconfiguration, RFC 4862, September 2007Google Scholar
  10. 10.
    Gont, F.: A Method for Generating Semantically Opaque Interface Identifiers with IPv6 Stateless Address Autoconfiguration (SLAAC), RFC 7217, April 2014Google Scholar
  11. 11.
    Aura, T.: Cryptographically Generated Addresses (CGA), RFC 3972, March 2005Google Scholar
  12. 12.
    Arkko, J., Kempf, J., Zill, B., Nikander, P.: SEcure Neighbor Discovery (SEND), RFC 3971, March 2005Google Scholar
  13. 13.
    Narten, T., Nordmark, E., Simpson, W., Soliman, H.: Neighbor Discovery for IP version 6 (IPv6), RFC 4861, September 2007Google Scholar
  14. 14.
    Dunlop, M., Groat, S., Marchany, R., Tront, J.: IPv6: now you see me, now you don’t’. In: International Conference on Networks (ICN), pp. 18–23 (2011)Google Scholar
  15. 15.
    Groat, S., Dunlop, M., Marchany, R., Tront, J.: IPv6: nowhere to run, nowhere to hide. In: Hawaii International Conference on System Sciences (HICSS) (2011)Google Scholar
  16. 16.
    Alsadeh, A., Rafiee, H., Meinel, C.: Cryptographically generated addresses (CGAs): possible attacks and proposed mitigation approaches. In: IEEE International Conference on Computer and Information Technology (CIT) (2012)Google Scholar
  17. 17.
    AlSadeh, A., Rafiee, H., Meinel, C.: IPv6 stateless address autoconfiguration: balancing between security, privacy and usability. In: Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Miri, A., Tawbi, N. (eds.) FPS 2012. LNCS, vol. 7743, pp. 149–161. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  18. 18.
    Barrera, D., Wurster, G., Van Oorschot, P.C.: Back to the future: revisiting IPv6 privacy extensions. USENIX Mag. 36(1), 16–26 (2011). LOGINGoogle Scholar
  19. 19.
    Turner, S., Chen, L.: Updated Security Consideration for the MD5 Message-Digest and the HMAC-MD5 Algorithms, RFC 6151, March 2011Google Scholar
  20. 20.
    Gosney, J.M.: Password cracking HPC. In: Passwords Security Conference (2012)Google Scholar
  21. 21.
    Heuse, M.: Thc-ipv6 toolkit v2.7, April 2015.
  22. 22.
    TechNet: IPv6 Addressing (Tech Ref), April 2011.
  23. 23.
    Stevens, M., Sotirov, A., Appelbaum, J., Lenstra, A., Molnar, D., Osvik, D.A., de Weger, B.: Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 55–69. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  24. 24.
    eBASH (ECRYPT Benchmarking of All Submitted Hashes), March 2015.

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.SBA ResearchViennaAustria

Personalised recommendations