The SEcure Neighbor Discovery (SEND) protocol is a security extension of the Neighbor Discovery Protocol (NDP) in IPv6. SEND is defined in RFC 3971 (2005). It is subject to patent US 2008/0307516 A1.
In IPv6, the Neighbor Discovery Protocol (NDP) is responsible for discovering other network nodes on the local link, determining the link-layer addresses of other nodes, finding available routers, and maintaining reachability information about the paths to other active neighbor nodes (RFC 4861). NDP itself is insecure and susceptible to malicious interference. SEcure Neighbor Discovery is intended to provide an alternate mechanism for securing NDP with a cryptographic method that is independent of IPsec, the original and inherent method of securing IPv6 communications.
The SEND protocol uses Cryptographically Generated Addresses (CGA).
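How a CGA ties an IPv6 address to a public key, as an added example that is not part of the original page: a sketch of address generation and the receiver-side check following RFC 3972. It assumes empty extension fields and uses a constructed byte string in place of a DER-encoded public key; the signature check that SEND performs on top of this is not shown.

```python
import hashlib
import ipaddress

ID_MASK = 0x1CFFFFFFFFFFFFFF  # ignore Sec bits (0-2) and u/g bits (6-7) of the interface ID

def _sha1(*parts):
    return hashlib.sha1(b"".join(parts)).digest()

def _hash2_ok(modifier, pubkey, sec):
    # Hash2 input: modifier | 9 zero octets | public key.
    # Its leftmost 16*Sec bits (2*Sec bytes) must all be zero.
    return _sha1(modifier, bytes(9), pubkey)[:2 * sec] == bytes(2 * sec)

def cga_generate(prefix, pubkey, sec=1, start_modifier=0):
    """Return (address, modifier, collision_count) for an 8-byte subnet prefix."""
    mod = start_modifier
    # Brute-force the modifier: the cost grows by 2**16 per Sec step.
    while not _hash2_ok(mod.to_bytes(16, "big"), pubkey, sec):
        mod = (mod + 1) % (1 << 128)
    modifier, count = mod.to_bytes(16, "big"), 0
    # Hash1 input: modifier | subnet prefix | collision count | public key.
    hash1 = int.from_bytes(_sha1(modifier, prefix, bytes([count]), pubkey)[:8], "big")
    iid = (hash1 & ID_MASK) | (sec << 61)  # write Sec into the top 3 bits, clear u/g
    return ipaddress.IPv6Address(prefix + iid.to_bytes(8, "big")), modifier, count

def cga_verify(address, modifier, prefix, count, pubkey):
    """Receiver-side check that `address` is bound to `pubkey` and these parameters."""
    raw = ipaddress.IPv6Address(address).packed
    if count not in (0, 1, 2) or raw[:8] != prefix:
        return False
    iid = int.from_bytes(raw[8:], "big")
    hash1 = int.from_bytes(_sha1(modifier, prefix, bytes([count]), pubkey)[:8], "big")
    if (hash1 ^ iid) & ID_MASK:
        return False  # interface ID was not derived from this key and prefix
    return _hash2_ok(modifier, pubkey, iid >> 61)  # Sec is read from the address itself

if __name__ == "__main__":
    # Constructed sample values: documentation prefix and placeholder key bytes.
    prefix = bytes.fromhex("20010db800000001")
    owner_key = b"constructed placeholder for a DER-encoded public key"
    other_key = b"constructed placeholder for a different public key"
    addr, modifier, count = cga_generate(prefix, owner_key, sec=1)
    print("CGA:", addr)
    print("owner key accepted:", cga_verify(str(addr), modifier, prefix, count, owner_key))
    print("other key accepted:", cga_verify(str(addr), modifier, prefix, count, other_key))
```

A node that claims the address with a different key fails the Hash1 comparison, which is what lets a receiver reject Neighbor Discovery messages from a host that does not own the address.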