Distributing a Symmetric Neighbor Discovery Key Using SEND

Document Type Expired Internet-Draft (individual)
Authors Frank Xia  , Suresh Krishnan  , Wassim Haddad  , Jean-Michel Combes  , Chunqiang Li 
Last updated 2008-06-20
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


In this document, a method for provisioning a shared key from the router to the host is defined to protect Neighbor Discovery(ND) signaling between the router and the host. The host sends a Router Solicitation(RS) message with ND Shared Key Request Option to the router. The router encrypts a ND shared key using the host's SEcure Neighbor Discovery(SEND) public key and sends it back to the host through a Router Advertisement(RA) message. The host decrypts the ND shared key using the matching private key. The Neighbor Discovery shared key is then used for protecting the following Neighbor Discovery signaling between the router and the host. The Router Solicitation and Router Advertisement message exchanges are required to have SEND security.


Frank Xia (xiayangsong@huawei.com)
Suresh Krishnan (suresh.krishnan@ericsson.com)
Wassim Haddad (whaddad@qualcomm.com)
Jean-Michel Combes (jeanmichel.combes@gmail.com)
Chunqiang Li (li.chunqiang@huawei.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)