
Using SEND signature algorithm agility and multiple-key CGA to secure proxy neighbor discovery and anycast addressing

  • CNRS UMR 5157 SAMOVAR

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

Abstract

The Neighbor Discovery Protocol (NDP) is a fundamental component of the IPv6 protocol suite in charge of the link-layer interactions (Address Resolution, Router Discovery, etc.). Over the years, it has been extended to new usages, such as Mobility (Mobile IPv6), proxy advertisements (Neighbor Discovery Proxies) and security (Secure Neighbor Discovery, SEND). However, SEND's protection is currently incompatible with two NDP functions, namely the proxy Neighbor Discovery function (used in Mobile IPv6) and the IPv6 anycast addresses (i.e. shared addresses on the same link). On the one hand, Cryptographically Generated Addresses (CGA) and SEND protect the NDP messages. The former, an address generation scheme, binds a single public key to an address. The latter secures NDP messages by signing them with the private key corresponding to the source address, thus achieving a proof of address ownership. On the other hand, proxy Neighbor Discovery and IPv6 anycast addressing are mechanisms binding one address to multiple nodes. In this article, we present an overview of the existing solutions addressing these divergent objectives and tackle their limitations. We then propose an alternate solution and introduce the Multiple-Key Cryptographically Generated Addresses (MCGA) concept. This proposal relies on SEND's Signature Algorithm Agility extensions (also defined by the authors) to bind more than one public key to an address. As such, it enables multiple nodes to properly share and protect the same address and thus resolves proxy Neighbor Discovery and anycast issues. Finally, we present implementation results and discuss the advantages of our approach over the existing solutions.

Original language: English
Title of host publication: 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings
Publication status: Published - 1 Aug 2011
Event: 2011 Conference on Network and Information Systems Security, SAR-SSI 2011 - Ile de Re, La Rochelle, France
Duration: 18 May 2011 - 21 May 2011

Publication series

Name: 2011 Conference on Network and Information Systems Security, SAR-SSI 2011, Proceedings

Conference

Conference: 2011 Conference on Network and Information Systems Security, SAR-SSI 2011
Country/Territory: France
City: Ile de Re, La Rochelle
Period: 18/05/11 - 21/05/11
