IPv6 Security

IPv6 is the communication protocol of the future – there is no escaping from it. Everyone who takes a closer look at the list of IPv4 allocations will come to the conclusion that the time is running out – and quite fast according to the latest estimations which predict the end of available IPv4 addresses by 2011/2012.

But what will this new IPv6 protocol bring us? New features? Improved security?

The following list includes the main improvements of IPv6:

  • Larger Address Space
  • Simplified Header
  • Stateless Address Configuration
  • Multicast
  • Mobile IPv6
  • Jumbograms
  • IP Security (IPsec)

The most significant reason to introduce IPv6 is surely the extended address space. IPv4 is based on 32 bit and thus provides connectivity for 4.294.967.296 hosts. With tricks like NAT this number can be increased to fit to the needs of the industry today, but not for the needs of tomorrow.

IPv6 is based on 128 bit and thus provides an address space for 340.282.366.920.938.463.463.374.607.431.768.211.456 hosts. A number which is far away from being, even, imaginable.
A reasonable comparison is if you think of the IPv6 address space as the volumen of the earth and IPv4 as the volumen of an IPod. This may appear as an incredibly large amount of addresses, but if you think that every car , fridge or mobile gadget will have an IPv6 address – you get the idea.

When IPv4 was designed as a communication protocol there was not much (if any) time spent on security. Not so with IPv6.

The new version of the Internet Protocol has a suite of features for secure communication commonly called IPsec – well proved an due to its success also back ported to IPv4.

After a brief overview of the main facts I will focus on the security improvements which come with IPsec in future posts.

Clemens Kurtenbach
S21sec e-crime

Deja un comentario