Presentation is loading. Please wait.

Presentation is loading. Please wait.

DHCP Privacy Considerations Tomek Mrugalski IETF90, Toronto 2014-07-23 IETF-90 DHC WG1.

Published byWalter Melton Modified over 8 years ago

Similar presentations

Presentation on theme: "DHCP Privacy Considerations Tomek Mrugalski IETF90, Toronto 2014-07-23 IETF-90 DHC WG1."— Presentation transcript:

1 DHCP Privacy Considerations Tomek Mrugalski IETF90, Toronto 2014-07-23 IETF-90 DHC WG1

2 Problem statement DHCP is susceptible to surveillance DHCP can be used to track users and devices Users’ mobility patterns may be revealed Users’ personal information may be revealed... IETF-90 DHC WG2

3 Examples When moving to a new location, the client sends Confirm with addresses that reveal previous location You may be identified by MAC, link-local, DUID, FQDN and many others Your device can be fingerprinted by options presence, options content, options order, and behavior IA_TA (temporary addresses) will help, but only a little. (corresponding servers can track me => my DHCP server can track me) IETF-90 DHC WG3

4 Privacy vs security IETF-90 DHC WG4 Amount of information revealed anonymity susceptibility to surveillance certificates service

5 Question #1 IETF-90 DHC WG5 Is WG interested in working on DHCP privacy? YES ON

6 Question #2 IETF-90 DHC WG6 Is WG interested in working on DHCP privacy? YES ON Do we want to focus on… DHCPv6 only DHCPv4 and DHCPv6

7 Question #3 IETF-90 DHC WG7 Is WG interested in working on DHCP privacy? YES ON Do we want to focus on… DHCPv6 only What should our goal be? Analyse Analyse and change protocol if needed Analyse and decide what to do next DHCPv4 and DHCPv6

8 Question #4 IETF-90 DHC WG8 How much would you like this work to proceed? Not much (honestly I don’t care) Not much (honestly I don’t care) A bit (I will discuss and review) A bit (I will discuss and review) A lot (I volunteer for this work) A lot (I volunteer for this work)

9 Scope of work Part of a bigger picture –Much bigger problem than just DHCP –Need to limit the analysis to DHCP aspects only Problem analysis Discussion of possible solutions Review existing drafts and comment on privacy implications IETF-90 DHC WG9

10 Next steps? IETF-90 DHC WG10

11 Further reading No. TitleReason 1.RFC7258: Pervasive monitoring is an attack Why pervasive monitoring is a problem 2.dhc-v4-threat-analysis-03What are the potential attacks in DHCPv4 3.dhc-sedhcpv6-03Proposed strong protection against attacks, privacy degradation (certs) 4. IETF-90 DHC WG11

Download ppt "DHCP Privacy Considerations Tomek Mrugalski IETF90, Toronto 2014-07-23 IETF-90 DHC WG1."

Similar presentations

U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG

U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG
Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,

Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,
Multicast Reconfiguration Protocol for Stateless DHCPv6 DHC 61 st IETF S. Daniel Park

Multicast Reconfiguration Protocol for Stateless DHCPv6 DHC 61 st IETF S. Daniel Park
Draft-ietf-dhc-stateless-dhcpv6- renumbering-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.

Draft-ietf-dhc-stateless-dhcpv6- renumbering-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.
1 DHCP-based Fast Handover protocol NTT Network service systems laboratories 2005. 3. 10 Takeshi Ogawa draft-ogawa-fhopt-00.txt 62nd IETF - Minneapolis.

1 DHCP-based Fast Handover protocol NTT Network service systems laboratories Takeshi Ogawa draft-ogawa-fhopt-00.txt 62nd IETF - Minneapolis.
1 Behcet Sarikaya Frank Xia July 2010 Flexible DHCPv6 Prefix Delegation in Mobile Networks IETF 78

1 Behcet Sarikaya Frank Xia July 2010 Flexible DHCPv6 Prefix Delegation in Mobile Networks IETF 78
DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-02.txt) IETF 62 (Minneapolis) Yan Renxiang Alcatel Shanghai Bell.

DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-02.txt) IETF 62 (Minneapolis) Yan Renxiang Alcatel Shanghai Bell.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Request History – Solution Mary Barnes SIP WG Meeting IETF-57 draft-ietf-sip-history-info-00.txt.

Request History – Solution Mary Barnes SIP WG Meeting IETF-57 draft-ietf-sip-history-info-00.txt.
Draft-asati-dhc-ipv6-autoconfig-address-tracking 1 IETF 86 Rajiv Asati Dan Wing.

Draft-asati-dhc-ipv6-autoconfig-address-tracking 1 IETF 86 Rajiv Asati Dan Wing.
IETF 68 – SIMPLE WG SIMPLE Problem Statement draft-ietf-simple-interdomain-scaling-analysis-00 Avshalom Houri – IBM Tim Rang - Microsoft Edwin Aoki – AOL.

IETF 68 – SIMPLE WG SIMPLE Problem Statement draft-ietf-simple-interdomain-scaling-analysis-00 Avshalom Houri – IBM Tim Rang - Microsoft Edwin Aoki – AOL.
DHCP: Dual-Stack Issues draft-ietf-dhc-dual-stack-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.

DHCP: Dual-Stack Issues draft-ietf-dhc-dual-stack-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.
Wireless and Email Security CSCI 5857: Encoding and Encryption.

Wireless and Security CSCI 5857: Encoding and Encryption.
DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-01.txt) IETF 61 (Washington, DC) Yinglan Jiang Renxiang Yan

DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-01.txt) IETF 61 (Washington, DC) Yinglan Jiang Renxiang Yan
IETF 77 1 HIP mobility (RFC 5206bis) issue review March 31, 2011 Tom Henderson (editor)

IETF 77 1 HIP mobility (RFC 5206bis) issue review March 31, 2011 Tom Henderson (editor)
November 200461st IETF MIP6 WG Mobile IPv6 Bootstrapping Architecture using DHCP draft-ohba-mip6-boot-arch-dhcp-00 Yoshihiro Ohba, Rafael Marin Lopez,

November st IETF MIP6 WG Mobile IPv6 Bootstrapping Architecture using DHCP draft-ohba-mip6-boot-arch-dhcp-00 Yoshihiro Ohba, Rafael Marin Lopez,
Dynamic Host Configuration Protocol Engr. Mehran Mamonai.

Dynamic Host Configuration Protocol Engr. Mehran Mamonai.
Using DHCPv6 for DNS Configuration in Hosts draft-ietf-droms-dnsconfig-dhcpv6-00.txt Ralph Droms.

Using DHCPv6 for DNS Configuration in Hosts draft-ietf-droms-dnsconfig-dhcpv6-00.txt Ralph Droms.
1 Behcet Sarikaya Frank Xia Ted Lemon July 2011 DHCPv6 Prefix Delegation as IPv6 Migration Tool in Mobile Networks IETF 81

1 Behcet Sarikaya Frank Xia Ted Lemon July 2011 DHCPv6 Prefix Delegation as IPv6 Migration Tool in Mobile Networks IETF 81
Jun Li DHCP Option for Access Network Information draft-lijun-dhc-clf-nass-option-01.

Jun Li DHCP Option for Access Network Information draft-lijun-dhc-clf-nass-option-01.

Similar presentations

Ads by Google