A Cryptographically Generated Address (CGA) is an Internet Protocol Version 6

IPv6

Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...

 (IPv6) address that has a host identifier computed from a cryptographic one-way hash function. This procedure is a method for binding a public signature key to an IPv6

IPv6

Internet Protocol version 6 is a version of the Internet Protocol . It is designed to succeed the Internet Protocol version 4...

 address in the Secure Neighbor Discovery Protocol (SEND).

Methodology

A Cryptographically Generated Address is formed by replacing the least-significant 64 bits of the 128-bit IPv6 address with the cryptographic hash of the public key of the address owner. The messages are signed with the corresponding private key. Only if the source address and the public key are known can the verifier authenticate the message from that corresponding sender. This method requires no public-key infrastructure. Valid CGAs may be generated by any sender, including a potential attacker, but they cannot use any existing CGAs.