EUI-64 Considered Harmful
Rye, Erik C.
MetadataShow full item record
This position paper considers the privacy and security implications of EUI-64-based IPv6 addresses. By encoding MAC addresses, EUI-64 addresses violate layers by exposing hardware identifiers in IPv6 addresses. The hypothetical threat of EUI-64 addresses is well-known, and the adoption of privacy extensions in operating systems (OSes) suggests this vulnerability has been mitigated. Instead, our work seeks to quantify the empirical existence of EUI-64 IPv6 addresses in today’s Internet. By analyzing: i) traceroutes; ii) DNS records; and iii) mobile phone behaviors, we find surprisingly significant use of EUI-64. We characterize the origins and behaviors of these EUI-64 IPv6 addresses, and advocate for changes in provider IPv6 addressing policies.
RightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.
Showing items related by title, author, creator and subject.
Rowe, Neil C.; Schwamm, Riqui; McCarrin, Michael R.; Gera, Ralucca (ADFSL, 2016);Drives found during investigations often have useful information in the form of email addresses, which can be acquired by search in the raw drive data independent of the file system. Using these data, we can build a picture ...
Allen, Gregory (Monterey, California: Naval Postgraduate School, 2016-09);Email addresses extracted from secondary storage devices are important to a forensic analyst when conducting an investigation. They can provide insight into the user's social network and help identify other potential persons ...
Pitts, James Edward (Monterey, California. Naval Postgraduate School, 1992-12);The end of the Cold War has brought about significant changes in the international and national security environments that present tremendous implications for the U.S. military. The strategic threat of global nuclear war ...