Secure Neighbor Discovery Protocol


The Secure Neighbor Discovery (SEND) protocol is a security extension of the Neighbor Discovery Protocol (NDP) in IPv6, defined in RFC 3971 and updated by RFC 6494.

In IPv6, the Neighbor Discovery Protocol (NDP) is responsible for discovering other network nodes on the local link, determining the link-layer addresses of other nodes, finding available routers, and maintaining reachability information about the paths to other active neighbor nodes (RFC 4861). This protocol is insecure and susceptible to malicious interference. The intent of SEND is to provide an alternate mechanism for securing NDP with a cryptographic method that is independent of IPsec, the original and inherent method of securing IPv6 communications.

SEND uses Cryptographically Generated Addresses (CGA).

RFC 6494 updated SEND to use the Resource Public Key Infrastructure (RPKI). It defines a SEND Certificate Profile that uses a modified RFC 6487 RPKI Certificate Profile, which must include a single RFC 3779 IP Address Delegation extension.
