| Summary: | Neighbour Discovery Protocol is a core IPv6 protocol used within the local network to provide functionalities such as Router Discovery and Neighbour Discovery. However, the standard of the protocol does not specify any security mechanism but only recommends the use of either Internet Protocol Security (IPSec) or Secure Neighbor Discovery (SEND) that has drawbacks when used within IPv6 local network. Furthermore, neither is enabled by default in the IPv6 local network; leaving the protocol unsecured. This paper proposes Trust-ND with reduced complexity by combining hard security and soft security approaches to be implemented on securing IPv6 link-local communication. The experimentation results showed that Trust-ND managed to successfully secure the IPv6 Neighbour Discovery. Trust-ND significantly cuts down the time to process NDP messages up to 77.21 ms for solicitation message and 100.732 ms for advertisement message. It also provides additional benefit over regular NDP in terms of data integrity for all Trust-ND messages with the introduction of Trust Option.
|
|---|
