What is Secure Neighbor Discovery Protocol (SEND Protocol)?
Secure Neighbor Discovery Protocol (SEND protocol) is a security extension of the Neighbor Discovery Protocol (NDP), which IPv6 uses to discover neighboring nodes on the local link.
NDP determines the link-layer addresses of other nodes, searches for available routers, tracks neighbor reachability, performs address resolution and detects duplicate addresses. SEND extends this insecure protocol by using Cryptographically Generated Addresses (CGA) together with digital signatures to protect NDP messages.
This method is independent of IPsec, which is otherwise the usual way to secure IPv6 traffic. The introduction of CGA helps neutralize Neighbor Solicitation and Neighbor Advertisement spoofing, Neighbor Unreachability Detection failure, denial-of-service attacks, Router Solicitation and Router Advertisement spoofing, and replay attacks.
If not secured, NDP is susceptible to various attacks. The original NDP specifications required the use of IPsec to protect NDP messages. However, the number of manually configured security associations required to protect NDP can be very large, making this approach impractical for most purposes.
The SEND protocol is intended to counter the threats to NDP. SEND can be used in environments in which the physical security of the link is not guaranteed (e.g. over WLAN) and attacks on NDP are a concern. SEND uses CGAs, a cryptographic method to bind a public signature key to an IPv6 address. CGAs are used to ensure that the sender of a Neighbor Discovery message is the "owner" of the claimed address.
A public-private key pair is generated by all nodes before they can claim an address. A new NDP option, the CGA option, is used to transmit the public key and associated parameters. CGA is formed by replacing the least significant 64 bits of the 128-bit IPv6 address with the cryptographic hash of the address owner's public key.
The messages are signed with the corresponding private key. A verifier that knows the source address and the public key (carried in the CGA option) can check that the address was derived from that key and that the signature over the message is valid, and thereby authenticate the message as coming from the address owner.
The SEND protocol does not require a public key infrastructure. Valid CGAs can be generated by anyone, including a potential attacker, but an attacker cannot impersonate an existing CGA without the owner's private key. Public key signatures protect the integrity of messages and authenticate the identity of those who send them. The authorization of a public key is determined through a number of processes depending on the configuration and the type of message to be protected.
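The address construction described above, as an added example that is not part of the original text: a simplified CGA generator and verifier following the RFC 3972 layout (modifier, subnet prefix, collision count, public key hashed with SHA-1, sec value in the top three bits of the interface identifier). The public key is an opaque constructed byte string rather than a DER-encoded key, and message signing is omitted; the checks show that an address verifies only against the key it was derived from.

```python
import hashlib
import ipaddress
import os

# Simplified CGA generation/verification (RFC 3972 construction). The public key
# is treated as opaque bytes; a real implementation hashes a DER-encoded key.

def _hash1(modifier: bytes, prefix: bytes, collision_count: int, pubkey: bytes) -> bytes:
    # Hash1 = SHA-1 over the CGA Parameters structure; leftmost 64 bits are used
    params = modifier + prefix + bytes([collision_count]) + pubkey
    return hashlib.sha1(params).digest()[:8]

def _hash2(modifier: bytes, pubkey: bytes) -> bytes:
    # Hash2 uses a zeroed prefix and collision count; leftmost 112 bits are used
    return hashlib.sha1(modifier + bytes(9) + pubkey).digest()[:14]

def _hash2_ok(modifier: bytes, pubkey: bytes, sec: int) -> bool:
    # For sec > 0 the leftmost 16*sec bits of Hash2 must be zero (hash extension)
    return sec == 0 or int.from_bytes(_hash2(modifier, pubkey), "big") >> (112 - 16 * sec) == 0

def _interface_id(modifier: bytes, prefix: bytes, collision_count: int, pubkey: bytes, sec: int) -> bytes:
    iid = bytearray(_hash1(modifier, prefix, collision_count, pubkey))
    # bits 0-2 carry sec, bits 6-7 (u/g) are cleared
    iid[0] = (iid[0] & 0x1C) | (sec << 5)
    return bytes(iid)

def generate_cga(prefix: bytes, pubkey: bytes, sec: int = 0, modifier: bytes = b""):
    """Return (IPv6Address, CGA parameters). Higher sec costs the owner more work."""
    modifier = modifier or os.urandom(16)
    while not _hash2_ok(modifier, pubkey, sec):
        modifier = (int.from_bytes(modifier, "big") + 1).to_bytes(16, "big")
    collision_count = 0  # would be incremented on DAD collision (max 2)
    iid = _interface_id(modifier, prefix, collision_count, pubkey, sec)
    params = {"modifier": modifier, "prefix": prefix,
              "collision_count": collision_count, "pubkey": pubkey}
    return ipaddress.IPv6Address(prefix + iid), params

def verify_cga(addr: ipaddress.IPv6Address, params: dict) -> bool:
    """Recompute the address from the claimed parameters; False on any mismatch."""
    raw = addr.packed
    sec = raw[8] >> 5
    if raw[:8] != params["prefix"] or params["collision_count"] > 2:
        return False
    expected = _interface_id(params["modifier"], params["prefix"],
                             params["collision_count"], params["pubkey"], sec)
    return expected == raw[8:] and _hash2_ok(params["modifier"], params["pubkey"], sec)

if __name__ == "__main__":
    prefix = bytes.fromhex("20010db800000001")      # constructed 2001:db8:0:1::/64
    addr, params = generate_cga(prefix, b"constructed-owner-public-key", sec=1)
    print(addr, verify_cga(addr, params))
    print(verify_cga(addr, dict(params, pubkey=b"constructed-other-key")))  # False
```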