Performance Evaluation of IPv6 and the Role of IPsec in Encrypting Data by Yasser Alhoaimel Bachelor of Science in Computer Information System College of Computer and Information Technology Shaqra University 2014 A thesis submitted to the College of Engineering and Science of Florida Institute of Technology in partial fulfillment of the requirements for the degree of Master of Science in Computer Information Systems Melbourne, Florida May, 2019 Copyright Copyright Statement All rights reserved. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the publisher, except in the case of brief quotations embodied in critical reviews and certain other noncommercial uses permitted by copyright law. For permission requests, find the information below to request a permission from the publisher [25]. Yasser Alhoaimel King Abdulaziz St. Ex.5 Riyadh, Saudi Arabia Mobile: +966595111130 [email protected] I, Yasser Alhoaimel authorize Florida Institute of Technology to grant permission to make single copies and publish this research whether locally or internationally. We the undersigned committee hereby approve the attached thesis, “Performance Evaluation of IPv6 and the Role of IPsec in Encrypting Data” by Yasser Alhoaimel. __________________________________________________ David LeVan, Ph.D. Assistant Professor of Computer Sciences Committee Chair _________________________________________________ Tiauw Hiong Go, Ph.D. Associate Professor of Aerospace Engineering Outside Committee Member _________________________________________________ Walter Bond, Ph.D. Associate Professor of Computer Sciences Committee Member _________________________________________________ Philip Bernhard, Ph.D. Associate Professor and Department Head Computer Engineering and Sciences Abstract Performance Evaluation of IPv6 and the Role of IPsec in Encrypting Data Author: Yasser Alhoaimel Major advisor: David O. LeVan, Ph. D. Objectives This research concentrates on IPv6 security and its technical aspects. The performance of IPv6 has carefully evaluated, tested, and analyzed. Beyond comparing IPv4 and IPv6 in terms of security, this thesis does not focus on IPv4; preferably, the priority is to concentrate on the security basis of IPv6. The comparison was based on previous researches that can be found in the references section. Furthermore, the role of IPsec in encrypting data is another main objective of this research and is specifically explained. This research demonstrates how IPsec is used in encrypting data so that IPv6 extension headers will be demonstrated and examined. IPv4 and IPv6 have impacts and problems. Therefore, the end of this thesis contains an implementation, investigation, and examination of the problems and results with IPv4 and IPv6. Key Results The key results are specified in Chapters 8 and 9, which contain implementations of IPv4, IPv6, IPsec over IPv4, and IPsec over IPv6. iii Table of Contents COPYRIGHT .............................................................................................................................. IV COPYRIGHT STATEMENT .......................................................................................................... IV ABSTRACT ................................................................................................................................ III OBJECTIVES .............................................................................................................................. III KEY RESULTS ........................................................................................................................... III TABLE OF CONTENTS ...................................................................................................................... IV LIST OF FIGURES ............................................................................................................................ VIII LIST OF COMMON ACRONYMS .................................................................................................... XI ACKNOWLEDGMENTS ................................................................................................................... XII DEDICATION ..................................................................................................................................... XIII CHAPTER 1 INTRODUCTION ......................................................................................................... 1 1.1 OVERVIEW ........................................................................................................................... 1 1.2 STATEMENT OF PROBLEM ..................................................................................................... 1 1.3 AIMS AND OBJECTIVE OF THE RESEARCH STUDY ................................................................... 2 CHAPTER 2 BACKGROUND ............................................................................................................ 4 2.1 THESIS BACKGROUND........................................................................................................... 4 2.2 INTERNET PROTOCOL VERSIONS ............................................................................................ 4 2.2.1 INTERNET PROTOCOL SECURITY (IPSEC) ............................................................................. 4 2.3 THESIS TOOLS ...................................................................................................................... 5 2.4 RESEARCH FLOW .................................................................................................................. 6 2.5 EXPERIMENTAL PLAN ........................................................................................................... 7 2.6 SCOPE AND CONSTRAINTS OF THE RESEARCH STUDY ............................................................. 8 2.7 RESEARCH QUESTIONS ......................................................................................................... 8 2.8 SIGNIFICANCE OF THE PROPOSED RESEARCH .......................................................................... 9 iv CHAPTER 3 ELEMENTS OF IPV6 ................................................................................................. 10 3.1 TECHNICAL ASPECTS OF IPV6 ............................................................................................. 10 3.2 DATA ENCRYPTION/PROTECTION IN IPV6 ............................................................................ 11 3.2.1 AH AND ESP PROTOCOLS ................................................................................................ 11 3.3 HEADER FORMAT OF IPV6 .................................................................................................. 12 CHAPTER 4 IPV6 SECURITY ISSUES .......................................................................................... 14 4.1 DUAL-STACK APPROACH .................................................................................................... 14 4.2 NAT-FREE NETWORK ARCHITECTURE ................................................................................ 14 4.3 LACK OF SUPPORT .............................................................................................................. 14 CHAPTER 5 IPV6 SECURITY CHALLENGES ............................................................................ 15 5.1 THREATS IN IPV6 NETWORKS.............................................................................................. 15 5.2 THREATS IN IPV6 ROUTING HEADERS.................................................................................. 15 CHAPTER 6 IPV6: CHANGES AND ADDITIONS....................................................................... 16 6.1 ADDRESSES ................................................................................................................ 16 6.2 MULTIPLE ADDRESSES PER HOST ................................................................................ 16 6.3 HEADER FIXED LENGTH.............................................................................................. 17 6.4 ND INSTEAD OF ARP PROTOCOL ................................................................................ 17 CHAPTER 7 IPV6: USAGE AND ADOPTION .............................................................................. 18 7.1 IPV6 USAGE: ...................................................................................................................... 18 7.2 IPV6 ADOPTION: ................................................................................................................. 19 CHAPTER 8 DELIVERABLES AND RESULTS ........................................................................... 20 8.1 IPV4 TOPOLOGY ................................................................................................................. 20 8.1.1 IPV4 AND ITS HEADER ..................................................................................................... 21 8.2 ADDRESSING ...................................................................................................................... 21 8.3 IPV4 IP ADDRESS CLASSES ................................................................................................. 22 8.4 IPV4 CONFIGURATION ........................................................................................................ 25 8.4.1 ROUTER 1 CONFIGURATION .............................................................................................