Draft:ORCHIDv2
| Developed by | Internet Engineering Task Force (IETF) |
|---|---|
ORCHIDv2 (Overlay Routable Cryptographic Hash Identifiers Version 2) is a protocol defined in RFC 7343 (published September 2014) that specifies a format for cryptographic identifiers used as endpoint identifiers at the application layer. It obsoletes the original ORCHID specification in RFC 4843. ORCHIDv2 identifiers are designed to appear as IPv6 addresses at application programming interfaces (APIs) and protocols but are not routable at the IP layer. They are intended for use in overlay networks, where they can be routable at the overlay level.
Overview
ORCHIDv2 identifiers are 128-bit values that combine a fixed prefix, a context identifier, and a truncated hash of an input bitstring. They are used to identify endpoints in applications and APIs, such as Host Identity Tags (HITs) in the Host Identity Protocol (HIP) or Temporary Mobile Identifiers (TMIs) in Mobile IPv6 Privacy Extensions. Unlike regular IPv6 addresses, ORCHIDv2 identifiers are not meant to appear in IPv6 headers and are considered non-routable at the IP layer. The prefix `2001:20::/28` ensures they are distinct from routable IPv6 addresses while maintaining compatibility with IPv6 APIs.
Features
- Application-Layer Focus: Used as endpoint identifiers, not network locators.
- IPv6 Compatibility: Designed to work with existing IPv6 APIs and applications.
- Overlay Routability: Can be routable in overlay networks, despite being non-routable at the IP layer.
- Collision Resistance: Uses a context ID and hash to minimize identifier collisions.
- Fixed Format: 128-bit structure with a defined prefix, context ID, and hash.
Structure
[edit]ORCHIDv2 identifiers are 128-bit values formatted to resemble IPv6 addresses. They consist of a 28-bit prefix, a 16-bit context ID, and an 84-bit hash, as defined in RFC 7343. The fields are packed with the most significant byte first (network byte order), and the most significant bit is numbered 0 (MSB 0 bit numbering).
The diagram below shows the structure of an ORCHIDv2 identifier.
| Offset (octets) | Bits | Contents |
|---|---|---|
| 0 | 0-31 | Prefix (bits 0-27, `2001:20::/28`), Context ID part 1 (bits 28-31) |
| 4 | 32-63 | Context ID part 2 (bits 32-43), Hash part 1 (bits 44-63) |
| 8 | 64-95 | Hash part 2 |
| 12 | 96-127 | Hash part 3 |
- Prefix: 28 bits
  - The fixed prefix for ORCHIDv2, set to `2001:20::/28` (hex: `2001002`). This distinguishes ORCHIDv2 identifiers from routable IPv6 addresses.
- Context ID: 16 bits
  - A 16-bit identifier specifying the hash function and context (e.g., `0xF0EF` for experimentation). Split across two rows for bit alignment.
- Hash: 84 bits
  - The truncated output of a hash function (e.g., SHA-256) applied to an input bitstring. Split across three rows for bit alignment.
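As an added example (not code from RFC 7343 or from any ORCHID implementation), the Python below classifies an IPv6 address against the 28-bit prefix described above using the MSB 0 shift, then flags any such identifier that appears as a source or destination in flow-log lines, since these identifiers are endpoint identifiers and are not meant to appear in IPv6 headers. The `src=... dst=...` log format and the sample records are constructed for illustration.

```python
import ipaddress
import re

# ORCHIDv2 prefix 2001:20::/28: the 28 most significant bits are 0x2001002.
ORCHIDV2_PREFIX = 0x2001002
ORCHIDV2_PREFIX_LEN = 28


def is_orchidv2(address: str) -> bool:
    """True if the address falls inside 2001:20::/28.

    Works on the integer form: shifting the 128-bit value right by 100 bits
    leaves exactly the 28 most significant bits (bits 0-27 in MSB 0 numbering).
    """
    value = int(ipaddress.IPv6Address(address))
    return (value >> (128 - ORCHIDV2_PREFIX_LEN)) == ORCHIDV2_PREFIX


# Constructed sample flow records in a hypothetical "src=... dst=..." format;
# not real traffic. 2001:2f:... is the last block inside the /28, 2001:30:: is
# just outside it.
SAMPLE_FLOWS = [
    "2025-05-16T10:00:00Z src=2001:db8::1 dst=2001:db8::2 proto=6",
    "2025-05-16T10:00:01Z src=2001:db8::1 dst=2001:20:1234:5678:9abc:def0:1234:5678 proto=17",
    "2025-05-16T10:00:02Z src=2001:2f:ffff:ffff:ffff:ffff:ffff:ffff dst=2001:db8::3 proto=6",
    "2025-05-16T10:00:03Z src=2001:30::1 dst=2001:db8::4 proto=6",
]

FLOW_RE = re.compile(r"src=(?P<src>\S+) dst=(?P<dst>\S+)")


def find_orchid_in_ip_headers(lines):
    """Return (line, field, address) for each src/dst inside 2001:20::/28.

    ORCHIDv2 values are endpoint identifiers, not locators, and are not meant
    to appear in IPv6 headers, so a hit in flow records points at an
    application leaking an identifier into the network layer.
    """
    hits = []
    for line in lines:
        match = FLOW_RE.search(line)
        if not match:
            continue
        for field in ("src", "dst"):
            if is_orchidv2(match.group(field)):
                hits.append((line, field, match.group(field)))
    return hits


if __name__ == "__main__":
    for line, field, addr in find_orchid_in_ip_headers(SAMPLE_FLOWS):
        print(f"ORCHIDv2 in IP header ({field}): {addr}")
```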
Applications
ORCHIDv2 identifiers are used in:
- Host Identity Protocol (HIP) as Host Identity Tags (HITs) to identify hosts in a secure manner.
- Mobile IPv6 Privacy Extensions as Temporary Mobile Identifiers (TMIs) to enhance privacy.
- Other overlay network protocols requiring unique, collision-resistant identifiers at the application layer.
Security Considerations
ORCHIDv2 identifiers are designed to minimize collisions through:
- A context ID to prevent overlapping input bitstrings from different contexts.
- A hash function (e.g., SHA-256) with sufficient entropy in the input (e.g., a 96-bit pseudorandom number or cryptographic key).
However, the 84-bit hash length results from truncation, which reduces collision resistance compared to the full hash output. RFC 7343 notes that this truncation aligns with RFC 6920 ("Naming Things with Hashes") and inherits its security considerations, including the risk of collisions in high-volume scenarios. ORCHIDv2 identifiers are not cryptographically secure for authentication or integrity purposes due to their experimental nature.
Status
ORCHIDv2 was published as a Standards Track RFC in September 2014, obsoleting RFC 4843. It remains an experimental specification, with the prefix `2001:20::/28` allocated temporarily by IANA for ORCHIDv2 use. As of 2025, no updates or revisions have been published, and its experimental status limits its deployment to specific use cases like HIP and Mobile IPv6 extensions.
References
- "RFC 7343: An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers Version 2 (ORCHIDv2)". Internet Engineering Task Force. Retrieved 2025-05-16.
- "RFC 4843: An IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers (ORCHID)". Internet Engineering Task Force. Retrieved 2025-05-16.