Privacy in IPv6

29/07/2021

Unlike the previous version of the Internet Protocol (IPv4), IPv6 is not encrypted by default, concluded Alejandro Acosta, R&D Coordinator at LACNIC, during one of the talks scheduled as part of the IPv6 Day webinar organized by the Internet Registry for Latin America and the Caribbean.

Acosta observed that he receives frequent inquiries on whether packets transported over IPv6 are encrypted and explained that IPv6 does not use IPsec (Internet Protocol security) by default, a secure network protocol suite that secures communications over an Internet Protocol network by authenticating and encrypting each packet in the data flows between different devices.

During the webinar, participants learned that, according to RFC 8504 (January 2019), encryption is optional in IPv6. This explicitly cleared any doubts they might have had regarding IPv6 and encryption.

Acosta then completed an exercise using two routers (router 1 to router 2) to demonstrate that IPv6 does not use encryption.

What about privacy? Another question addressed by Acosta was whether IPv6 respects user privacy. In this sense, he noted that RFC 8981 introduces a mechanism for generating temporary addresses with randomized interface identifiers that change over time. “These identifiers are not reused, and the valid lifetime of addresses has been reduced to two days,” he added.

Finally, Acosta completed another demonstration with two routers to show that IPv6 does indeed respect user privacy.

Click here to watch the presentation.