Cryptographically Generated Address

Cryptographically Generated Address

A Cryptographically Generated Address (CGA) is an Internet Protocol Version 6 (IPv6) address that has a host identifier computed from a cryptographic one-way hash function.[1] This procedure is a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery Protocol (SEND).[2]

Methodology

A Cryptographically Generated Address is formed by replacing the least-significant 64 bits of the 128-bit IPv6 address with the cryptographic hash of the public key of the address owner. The messages are signed with the corresponding private key. Only if the source address and the public key are known can the verifier authenticate the message from that corresponding sender. This method requires no public-key infrastructure. Valid CGAs may be generated by any sender, including a potential attacker, but they cannot use any existing CGAs.

See also

References

  1. ^ RFC 3972, Cryptographically Generated Addresses (CGA), T. Aura (March 2005)
  2. ^ RFC 3971, Secure Neighbor Discovery (SEND), J. Arkko (ed.), J. Kempf, B. Zill, P. Nikander (March 2005)



Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Cryptographically Generated Addresses — (CGA) is a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery (SEND) protocol.CGA is defined in RFC 3972.References* RFC 3972External links …   Wikipedia

  • Site Multihoming by IPv6 Intermediation — The SHIM6 protocol is a layer 3 shim for providing locator agility below the transport protocols, so that multihoming can be provided for IPv6 with failover and load sharing properties, without assuming that a multihomed site will have a provider …   Wikipedia

  • CGA — may stand for: Crew Golf Association California s Great America Casual Games Association Central Government Accounts, an organization in the UK government Central of Georgia Railway Centro de Gestión Avanzado (Advanced Management Centre), an… …   Wikipedia

  • Public key fingerprint — In public key cryptography, a public key fingerprint is a short sequence of bytes used to authenticate or look up a longer public key. Fingerprints are created by applying a cryptographic hash function to a public key. Since fingerprints are… …   Wikipedia

  • Domain Name System — The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the… …   Wikipedia

  • Universally Unique Identifier — A Universally Unique Identifier (UUID) is an identifier standard used in software construction, standardized by the Open Software Foundation (OSF) as part of the Distributed Computing Environment (DCE). The intent of UUIDs is to enable… …   Wikipedia

  • Bluetooth — This article is about the electronic protocol. For the medieval King of Denmark, see Harald I of Denmark. Bluetooth logo Bluetooth is a proprietary open wireless technology standard for exchanging data over short distances (using short wavelength …   Wikipedia

  • Domain Name System Security Extensions — Internet protocol suite Application layer BGP DHCP DNS FTP HTTP …   Wikipedia

  • Proxy server — For Wikipedia s policy on editing from open proxies, please see Wikipedia:Open proxies. Communication between two computers (shown in grey) connected through a third computer (shown in red) acting as a proxy. In …   Wikipedia

  • Identity document — National identity card redirects here. For cards referred to in the English language as national identity card , see National identity card (disambiguation). An identity document (also called a piece of identification or ID, or colloquially as… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”