DHCP Privacy Considerations Tomek Mrugalski IETF90, Toronto 2014-07-23 IETF-90 DHC WG1.

Slides:



Advertisements
Similar presentations
U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG
Advertisements

Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,
Multicast Reconfiguration Protocol for Stateless DHCPv6 DHC 61 st IETF S. Daniel Park
Draft-ietf-dhc-stateless-dhcpv6- renumbering-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.
1 DHCP-based Fast Handover protocol NTT Network service systems laboratories Takeshi Ogawa draft-ogawa-fhopt-00.txt 62nd IETF - Minneapolis.
1 Behcet Sarikaya Frank Xia July 2010 Flexible DHCPv6 Prefix Delegation in Mobile Networks IETF 78
DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-02.txt) IETF 62 (Minneapolis) Yan Renxiang Alcatel Shanghai Bell.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Request History – Solution Mary Barnes SIP WG Meeting IETF-57 draft-ietf-sip-history-info-00.txt.
Draft-asati-dhc-ipv6-autoconfig-address-tracking 1 IETF 86 Rajiv Asati Dan Wing.
IETF 68 – SIMPLE WG SIMPLE Problem Statement draft-ietf-simple-interdomain-scaling-analysis-00 Avshalom Houri – IBM Tim Rang - Microsoft Edwin Aoki – AOL.
DHCP: Dual-Stack Issues draft-ietf-dhc-dual-stack-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.
Wireless and Security CSCI 5857: Encoding and Encryption.
DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-01.txt) IETF 61 (Washington, DC) Yinglan Jiang Renxiang Yan
IETF 77 1 HIP mobility (RFC 5206bis) issue review March 31, 2011 Tom Henderson (editor)
November st IETF MIP6 WG Mobile IPv6 Bootstrapping Architecture using DHCP draft-ohba-mip6-boot-arch-dhcp-00 Yoshihiro Ohba, Rafael Marin Lopez,
Dynamic Host Configuration Protocol Engr. Mehran Mamonai.
Using DHCPv6 for DNS Configuration in Hosts draft-ietf-droms-dnsconfig-dhcpv6-00.txt Ralph Droms.
1 Behcet Sarikaya Frank Xia Ted Lemon July 2011 DHCPv6 Prefix Delegation as IPv6 Migration Tool in Mobile Networks IETF 81
Jun Li DHCP Option for Access Network Information draft-lijun-dhc-clf-nass-option-01.
RADIUS Crypto-Agility Requirements November 18, 2008 David B. Nelson IETF 73 Minneapolis.
July 16, Diameter EAP Application (draft-ietf-aaa-eap-02.txt) on behalf of...
DHC WG IETF 55, 11/18/ /18/2002IETF 552 Agenda Administrivia, agenda bashingRalph Droms Use of IPsec for Securing DHCPv4 Messages Exchanged Between.
PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG
Exposing Source IP Address Type Requirements with DHCPv6 D. Moses, A. Yegin draft-moses-dmm-dhcp-ondemand-mobility-00.
DHCP Option for Proxy Server Vijayabhaskar A K DHC WG IETF 59 Seoul.
RFC 4477 DHCP: Dual-Stack Issues Speaker: Ching-Chen Chang Date:
IETF-90 (Toronto) DHC WG Meeting Wednesday, July 23, GMT IETF-90 DHC WG1 Last Updated: 07/21/ :10 EDT.
Mobility for IP: Performance, Signaling and Handoff Optimization (MIPSHOP) IETF 73, November 2008 Vijay Devarapalli
DHCP Option for SNMP Notifications 55 th IETF – Atlanta November 2002 draft-bakke-dhc-snmp-trap-01.txt Mark Bakke, Cisco Systems
Dnssd requirements draft-ietf-dnssd-requirements-03 Kerry Lynn Stuart Cheshire Marc Blanchet Daniel Migault IETF 90, Toronto, 24 July
Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.
DHCPv6bis update DHC WG, IETF90 draft-dhcwg-dhc-dhcpv6bis-02 Andrew Yourtchenko, Bernie Volz, Marcin Siodelski, Michael Richardson, Sheng Jiang, Ted Lemon,
DHCPv4/v6 Proxy IETF 67 DHC WG -- San Diego, USA 5-10 Nov draft-sarikaya-dhc-proxyagent-00.txt.
DHCP options for PAA Status report of draft-ietf-dhc-paa-option-01.txt Lionel Morand IETF-65, Dallas.
C. Bettini, X.S. Wang, S. Jajodia Secure Data Management (SDM 2005), pp , DOI: / _13. David MacDonald.
IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: IETF Liaison Report Date Submitted: September 16, 2010 Presented at IEEE session.
IETF-89 (London) DHC WG Meeting Monday, March 3, GMT IETF-89 DHC WG1 Last Updated: 02/27/ EST.
GEONET Brainstorming Document. Content Purpose of the document Brainstorming process / plan Proposed charter Assumptions Use cases Problem description.
CSI WG / IETF741/12 Implementation of SeND/CGA and Extensions Beijing University of Posts and Telecommunications HUAWEI.
IP Address Location Privacy and Mobile IPv6: Problem Statement draft-irtf-mobopts-location-privacy-PS-00.txt Rajeev Koodli.
IPv6 Services for Residential Networks Mark Baugher Erwan Nedellec Mika Saaranen Barbara Stark.
DHCP-DNS Interaction Bernie Volz IETF-61, DHC WG.
DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris.
Resource Certificate Provisioning Protocol Geoff Huston IETF 70 December 2007.
Dhc WG 3/2/2004, IETF 59, Seoul. 3/2/2004dhc WG - IETF 59, Seoul2 Agenda Administrivia, Agenda bashing Ralph Droms 05 minutes DHCP Option for Proxy Server.
Problem Statement: Media Independent Handover Signalling draft-hepworth-mipshop-mih-problem-statement-01 Ele Hepworth (*), Greg Daley, Srinivas Sreemanthula,
DOTS Requirements Andrew Mortensen November 2015 IETF 94 1.
Draft-kwatsen-netconf-zerotouch-00 Zero Touch Provisioning for NETCONF Call Home.
IPv6 Node Information Queries Update Bob Hinden Vienna IETF.
IPv6 – THE WAY TO THE SECURE INTERNET
SIP Configuration Issues: IETF 57, SIPPING
Katrin Hoeper Channel Bindings Katrin Hoeper
While deploying DHCPv6 at CERN…
Lightweight 4over6 deployment with DHCPv4 over DHCPv6
Lionel Morand DHCP options for PAA Lionel Morand
Teemu Savolainen (Nokia) MIF WG IETF#75 28-July-2009
DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers
Radius Attribute for MAP draft-jiang-softwire-map-radius-03
DHCP Anonymity Profile Update
Server To Server Notification protocol requirements draft-decktor-s2s-notif-00 IETF-58 Update Gev Decktor November, 2003.
Link Layer Addresses Assignment Mechanism for DHCPv6
Debashish Purkayastha, Dirk Trossen, Akbar Rahman
MAC address assignment in IEEE through IEEE aq
Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: [MAC address assignment in IEEE
MAC address assignment in IEEE through IEEE aq
The MobileIron® Threat Detection difference:
Zero Touch Provisioning for NETCONF/RESTCONF Call Home draft-ietf-netconf-zerotouch-19 NETCONF WG IETF 100 (Singapore)
IETF-104 (Prague) DHC WG Next steps
Link Layer Addresses Assignment Mechanism for DHCPv6
Presentation transcript:

DHCP Privacy Considerations Tomek Mrugalski IETF90, Toronto IETF-90 DHC WG1

Problem statement DHCP is susceptible to surveillance DHCP can be used to track users and devices Users’ mobility patterns may be revealed Users’ personal information may be revealed... IETF-90 DHC WG2

Examples When moving to a new location, the client sends Confirm with addresses that reveal previous location You may be identified by MAC, link-local, DUID, FQDN and many others Your device can be fingerprinted by options presence, options content, options order, and behavior IA_TA (temporary addresses) will help, but only a little. (corresponding servers can track me => my DHCP server can track me) IETF-90 DHC WG3

Privacy vs security IETF-90 DHC WG4 Amount of information revealed anonymity susceptibility to surveillance certificates service

Question #1 IETF-90 DHC WG5 Is WG interested in working on DHCP privacy? YES ON

Question #2 IETF-90 DHC WG6 Is WG interested in working on DHCP privacy? YES ON Do we want to focus on… DHCPv6 only DHCPv4 and DHCPv6

Question #3 IETF-90 DHC WG7 Is WG interested in working on DHCP privacy? YES ON Do we want to focus on… DHCPv6 only What should our goal be? Analyse Analyse and change protocol if needed Analyse and decide what to do next DHCPv4 and DHCPv6

Question #4 IETF-90 DHC WG8 How much would you like this work to proceed? Not much (honestly I don’t care) Not much (honestly I don’t care) A bit (I will discuss and review) A bit (I will discuss and review) A lot (I volunteer for this work) A lot (I volunteer for this work)

Scope of work Part of a bigger picture –Much bigger problem than just DHCP –Need to limit the analysis to DHCP aspects only Problem analysis Discussion of possible solutions Review existing drafts and comment on privacy implications IETF-90 DHC WG9

Next steps? IETF-90 DHC WG10

Further reading No. TitleReason 1.RFC7258: Pervasive monitoring is an attack Why pervasive monitoring is a problem 2.dhc-v4-threat-analysis-03What are the potential attacks in DHCPv4 3.dhc-sedhcpv6-03Proposed strong protection against attacks, privacy degradation (certs) 4. IETF-90 DHC WG11

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.