Towards a New Algorithm to Optimize IPv6 Neighbor Discovery Security for Small Objects Networks

Abstract

In order to verify the uniqueness of link-local or unicast addresses, nodes must perform a Duplicate Address Detection process before using them. However, this process is subject to many attacks and the security is willing to be the most important issues in Small Object Networks with IPv6. In this paper, we developed a new algorithm to optimize the security in IPv6-DAD process; this method is based on SHA-512 to verify the identity of the Neighbor Discovery messages transmitted in the link local. First, before sending the NS message, the new node uses the function SHA-512 to hash to the target address and use the last 64 bits in a new field and then encrypt the result with its private key. When receiving the secure message, the existing nodes decrypt it. Our algorithm is going to secure the DAD process by using a digital signature. Overall, this algorithm showed a significant effect in terms of the Address Configuration Success Probability (ACSP).