iothnamed
FOSDEM 2023

iothnamed is a DNS server/forwarder/cache for the Internet of Threads supporting hash based IPv6 addresses and OTIP, i.e. one time IP.

Hash based IPv6 addresses: The host part of an IPv6 address can be computed as the result of a hash function computed on the fully qualified domain name. This eases the life of system administrators dealing with IPv6 networks.

One Time IP: OTIP means that the current IP address of a server changes periodically to prevent networking attacks. This method has mainly been designed for IPv6 networks.

Hash Based IPv6 address: The configuration of an IPv6 network is a rather daunting and error-prone procedure for system administrators. Each node must be provided with its own (128 bit long) IPv6 address and with a domain name manageable by human beings. Autoconfiguration methods can give addresses to interfaces but do not provide any means of configuring the DNS, so autoconfiguration is suitable only for clients. If a host has to act as a server, it must have a fully qualified domain name and the DNS service has to map its name to its IP address. In the Internet of Threads scenario, the number of network nodes can be orders of magnitude higher than before, as each process or thread can be a node. Hash based IPv6 addresses are a viable solution to the problem of managing DNS resolution in IoTh environments.

One Time IP: Hosting servers use a finite number of IP addresses to connect to the network. Attackers can collect those addresses by wiretapping the network and build a catalog of valid addresses and services in order to attack the servers. OTIP can prevent these attacks, or make them less likely to succeed, because the addresses collected by network sniffers expire after a short time. OTIP aims to provide one further layer of protection for private services.
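
The two address schemes described above can be sketched as follows. This is an added example, not iothnamed's own code or algorithm: the choice of SHA-256 and HMAC, the shared secret, the 32-second period, the /64 prefix requirement and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress

PERIOD = 32  # seconds per OTIP time slot (assumed value)


def _fqdn(name: str) -> bytes:
    # DNS names are case-insensitive and may carry a trailing dot.
    return name.rstrip(".").lower().encode("ascii")


def _compose(prefix: str, digest: bytes) -> ipaddress.IPv6Address:
    # Network part from the prefix, host part from the first 64 digest bits.
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("this sketch only handles /64 prefixes")
    host = int.from_bytes(digest[:8], "big")
    return ipaddress.IPv6Address(int(net.network_address) | host)


def hash_addr(prefix: str, fqdn: str) -> ipaddress.IPv6Address:
    # Hash based address: depends only on the name, so it never changes.
    return _compose(prefix, hashlib.sha256(_fqdn(fqdn)).digest())


def otip_addr(prefix: str, fqdn: str, secret: bytes, now: float):
    # One Time IP: the host part also depends on a shared secret (assumed)
    # and on the current time slot, so a sniffed address soon expires.
    slot = int(now) // PERIOD
    msg = _fqdn(fqdn) + b"\0" + slot.to_bytes(8, "big")
    return _compose(prefix, hmac.new(secret, msg, hashlib.sha256).digest())


def otip_accepts(addr: str, prefix: str, fqdn: str, secret: bytes,
                 now: float, skew_slots: int = 1) -> bool:
    # Server side check: accept the current slot and its neighbours to
    # tolerate clock drift; anything older is treated as expired.
    valid = {otip_addr(prefix, fqdn, secret, now + d * PERIOD)
             for d in range(-skew_slots, skew_slots + 1)}
    return ipaddress.IPv6Address(addr) in valid
```

The `skew_slots` window is the trade-off to tune: a wider window tolerates more clock drift but lengthens the time a captured address stays usable.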

Speakers: Renzo Davoli