Cryptographically Generated Address
A Cryptographically Generated Address (CGA) is an Internet Protocol Version 6 (IPv6) address that has a host identifier computed from a cryptographic one-way hash function.[1] This procedure is a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery Protocol (SEND).[2]
Methodology
A Cryptographically Generated Address is formed by replacing the least-significant 64 bits of the 128-bit IPv6 address with the cryptographic hash of the address owner's public key. Messages are signed with the corresponding private key. A verifier can authenticate a message from that sender only if it knows both the source address and the public key. This method requires no public-key infrastructure. Any sender, including a potential attacker, can generate a valid CGA, but cannot use an existing CGA.
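The binding described above, as an added example that is not part of the original article: a Python sketch that derives the 64-bit interface identifier from a SHA-1 hash over the public key and then checks a claimed address against a claimed key. The modifier, collision count, parameter order and masked bits are assumptions modeled on RFC 3972 with Sec = 0, not details given on this page; the key bytes are constructed placeholders, and signature checking is left out.

```python
import hashlib
import ipaddress
import os

# Interface-identifier bits that do not come from the hash (assumed from RFC 3972):
# the three leftmost bits (Sec) and the "u"/"g" bits (bits 6 and 7).
HASH_MASK = 0x1CFFFFFFFFFFFFFF
# Constructed placeholders; a real node would hash its DER-encoded public key.
OWNER_KEY = b"constructed-owner-public-key"
OTHER_KEY = b"constructed-other-public-key"

def cga_hash1(modifier, prefix, collisions, pubkey):
    """Leftmost 64 bits of SHA-1 over modifier | prefix | collision count | key."""
    data = modifier + prefix + bytes([collisions]) + pubkey
    return int.from_bytes(hashlib.sha1(data).digest()[:8], "big")

def generate_cga(prefix, pubkey, modifier=None):
    """Return (address, modifier) for a /64 prefix and an encoded public key."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("a CGA needs a 64-bit subnet prefix")
    modifier = os.urandom(16) if modifier is None else modifier
    prefix_bytes = net.network_address.packed[:8]
    iid = cga_hash1(modifier, prefix_bytes, 0, pubkey) & HASH_MASK  # Sec, u, g = 0
    return ipaddress.IPv6Address(prefix_bytes + iid.to_bytes(8, "big")), modifier

def verify_cga(address, modifier, pubkey, collisions=0):
    """Recompute the hash from the claimed parameters and compare with the address."""
    packed = ipaddress.IPv6Address(address).packed
    iid = int.from_bytes(packed[8:], "big")
    if len(modifier) != 16 or collisions not in (0, 1, 2) or iid >> 61:
        return False  # malformed parameters, or Sec > 0 (not handled here)
    expected = cga_hash1(modifier, packed[:8], collisions, pubkey)
    return (expected & HASH_MASK) == (iid & HASH_MASK)

if __name__ == "__main__":
    addr, mod = generate_cga("2001:db8:0:1::/64", OWNER_KEY)
    print("CGA:", addr)
    print("owner key verifies:", verify_cga(str(addr), mod, OWNER_KEY))
    print("other key verifies:", verify_cga(str(addr), mod, OTHER_KEY))
```

Because the subnet prefix is part of the hash input, the same key yields a different interface identifier on each subnet, and an address copied to another prefix fails the check.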
References
- [1] RFC 3972, Cryptographically Generated Addresses (CGA), T. Aura (March 2005)
- [2] RFC 3971, Secure Neighbor Discovery (SEND), J. Arkko (ed.), J. Kempf, B. Zill, P. Nikander (March 2005)
Wikimedia Foundation.
2010.