VeRA - Version Number and Rank Authentication in RPL

VeRA - Version Number and Rank Authentication in RPL

Designing a routing protocol for large low-power and lossy networks (LLNs), consisting of thousands of constrained nodes and unreliable links, presents new challenges. The IPv6 Routing Protocol for Low-power and Lossy Networks (RPL), have been developed by the IETF ROLL Working Group as a preferred...

Full description

Saved in:
Bibliographic Details
Published in:2011 IEEE Eighth International Conference on Mobile Ad-Hoc and Sensor Systems pp. 709 - 714
Main Authors: Dvir, A., Holczer, T., Buttyan, L.
Format: Conference Proceeding
Language:English
Published: IEEE 01-10-2011
Subjects:
Ad hoc networks
Authentication
Hash chain
LLN
Logic gates
Measurement
Rank
Routing
Routing protocols
RPL
Version Number
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Designing a routing protocol for large low-power and lossy networks (LLNs), consisting of thousands of constrained nodes and unreliable links, presents new challenges. The IPv6 Routing Protocol for Low-power and Lossy Networks (RPL), have been developed by the IETF ROLL Working Group as a preferred routing protocol to provide IPv6 routing functionality in LLNs. RPL provides path diversity by building and maintaining directed acyclic graphs (DAG) rooted at one (or more) gateway. However, an adversary that impersonates a gateway or has compromised one of the nodes close to the gateway can divert a large part of network traffic forward itself and/or exhaust the nodes' batteries. Therefore in RPL, special security care must be taken when the Destination Oriented Directed Acyclic Graph (DODAG) root is updating the Version Number by which reconstruction of the routing topology can be initiated. The same care also must be taken to prevent an internal attacker (compromised DODAG node) to publish decreased Rank value, which causes a large part of the DODAG to connect to the DODAG root via the attacker and give it the ability to eavesdrop a large part of the network traffic forward itself. Unfortunately, the currently available security services in RPL will not protect against a compromised internal node that can construct and disseminate fake messages. In this paper, a new security service is described that prevents any misbehaving node from illegitimately increasing the Version Number and compromise illegitimate decreased Rank values.
ISBN:1457713454
9781457713453
ISSN:2155-6806
2155-6814
DOI:10.1109/MASS.2011.76