Security IPv4 vs. IPv6 Is there a difference? - PowerPoint PPT Presentation

security ipv4 vs ipv6 is there a difference n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Security IPv4 vs. IPv6 Is there a difference? PowerPoint Presentation
Download Presentation
Security IPv4 vs. IPv6 Is there a difference?

Loading in 2 Seconds...

play fullscreen
1 / 11
Security IPv4 vs. IPv6 Is there a difference?
0 Views
Download Presentation
kerry-daniel
Download Presentation

Security IPv4 vs. IPv6 Is there a difference?

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. SecurityIPv4 vs. IPv6Is there a difference? Greg Travis Indiana University greg@iu.edu

  2. In the beginning… • The Internet was infinitesimally small, and no one could comprehend its role in the future of society • Networks, as they grew, were built and run by benevolent lords • The security concern of the time was simply a nuclear war

  3. In the beginning… • Security was the concern of the government • Cryptography was within the realm of dark projects • “Secure” communications were defined by the NSA

  4. The IETF said “let there be Autonomous Systems and routing protocols” • and Internet grew and grew • The NSF said “let there be commercialization” • and the Internet grew and grew and grew • Cisco said “let there be e-commerce” • and Cisco grew and grew

  5. In 1993 the IETF said “the sky is falling” • Current state-of-the-art routers couldn’t hold the entire routing table • It was projected that class-B addresses, and eventually all addresses, would be exhausted • Creative IETF members said “we can fix things”, but each had his own plan

  6. “If you’re giving away ice-cream, make sure the scoops are small” • The IETF said “let there be CIDR” • and classless interdomain routing became the efficient way to dole out IP addresses • Others in the IETF said “CIDR is nice, but we’re still going to run out of ice-cream” • “wouldn’t it be nice to have an astronomical amount of ice-cream, they wondered” • Two years later, the IETF invented the equivalent of an astronomical amount of ice-cream: IPv6

  7. Around the same time they were solving the ice-cream problem, the IETF also was dealing with security • SSL was standardized - now TCP connections could be encrypted without the user messing around with keys or passphrases • Standards were emerging for securing the network at the IP layer (would later be called IPSEC)

  8. The difference between “may” and “must” • The IPv6 IETF standard (RFC ) specifies that a full implementation of IPv6 MUST support certain components of IPSEC • IPv4, which was defined before IPSEC, MAY support IPSEC • In reality, some IPv6 stacks don’t support IPSEC and many IPv4 stacks do. • There are no additional security features if IPv6! In fact, IPv4 does have additional required security features (but they’re not used)

  9. IPv6 does have an astronomical number of addresses • This does allow for the flexibility to build network topologies which support attribution at the network layer. • You can make quite a mess with an astronomical amount of ice-cream.

  10. The argument for IPv6 is to maintain the flexibility of supporting the end-to-end network model. IMHO, it has nothing to do with security

  11. Want to make a network less secure, migrate to IPv6 early