Security Holes in Contrast to the New Features Emerging in the Next Generation Protocol

Abstract

ABSTRACT The next generation protocol (Ipv6) also called Iping, which should replace the current generation of Internet protocol (Ipv4), brings many enhancements over Ipv4. Ipv4 has been a great success for more than 20 years, since its interception in 1980 but due to limited address space, complex configuration and very important lack of security it does not fulfil the requirement of the exponentially growing internet. Because of inadequate address and for other issues, Ipv6 was proposed by the network working group of the internet engineering taskforce (IETF) which provides many new features like quality of services, auto-address configuration, end to end connectivity, security, simple routing header and so on. This paper identifies security holes to the new features introduced in Ipv6 and security holes that are not altered by new futures of Ipv6. Keywords: Ipv4, Ipv6, Ipsec, NAT, TCP/IP, security holes, IP 1. INTRODUCTION The current generation of Internet protocol (IPv4) has been in use for more than 20 years and has not significantly changed since it was introduced in 1981. IPV4 has proven to be robust, interoperable and easily implemented. With Ipv4, options were integrated into the basic Ipv4 header whereas in Ipv6 they are handled as extension headeThe IPV4 specifies a 32 bit IP address field is a key component of the internet infrastructure and have many issues like complex configuration, limited address space, large routing tables, demand for real time data transfer and lack of security which does not fulfil the requirement of the exponential growth of the internet. To eliminate some of the mentioned imperfection, Network-working group of the Internet engineering task force (IETF) proposed a new suite of protocols called the Internet protocol version (IPv6) [1]. Industry stakeholder and Internet experts generally agree that IPv6-based network would be technically superior to the commonly installed base of IPv4-based networks [2]. The IPv6 with 128 bit address space provides large IP addresses and also with classless and auto address configuration features, IPv6 provides a new innovative communication services among the nodes and improved security by using IPsec as a part of packet header. IPv6 provides various improvements over IPv4 like simplicity, large address space, simple routing header format, extension for authentication and privacy, flow labelling capabilities, quality of services (Qos) and very important security at IP level. In addition, through auto configuration and mobility feature of IPv6 nodes on the Internet can communicate in simpler way. However, IPv6 with new features will likely generate newer protocol attacks and IPv4 related attack would morph into new form. Although the IPv6 protocol is still developing, it is fully functional and its implementation and usage in the real network is possible [3]. In section 2, we will discuss the new features introduced in IPv6. In section 3, these features are discussed along with security holes. Section 4 outlines security threats that are common to IPv4. Finally the conclusion will be given.