icos-5----Page:5
1 2 3 4 5
|
Solution - Operations on Addresses Host A Address A = prefix | hash(public key A) Approach based on “zero config” security Cryptographically Generated Addresses (CGAs): In verifying a response to neighbor discovery, duplicate address detection, and so on, check that: 1) Responder’s address is a hash of a public key 2) There is a signature from the associated private key Attackers can come up with new addresses, but they can not take over an address of an existing host or router -- they do not have the private key! (IPR -- but with friendly licenses) |