2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS) 2013
DOI: 10.1109/infcomw.2013.6970745
|View full text |Cite
|
Sign up to set email alerts
|

Topology Authentication in RPL

Abstract: The Routing Protocol for Low-Power and Lossy Networks (RPL) is a proposed standard by the Internet Engineering Task Force (IETF). Although RPL defines basic security modes, it is still subject to topology attacks. VeRA is an authentication scheme which protects against attacks, based on the version number and rank. This work presents two rank attacks which are not mitigated by VeRA. In the first attack, the adversary can decrease its rank arbitrarily. Hence, it can impersonate even the root node. In the second… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
13
0

Year Published

2013
2013
2023
2023

Publication Types

Select...
3
3
2
1

Relationship

1
8

Authors

Journals

citations
Cited by 49 publications
(13 citation statements)
references
References 1 publication
0
13
0
Order By: Relevance
“…Cryptography Challenges: The key management is one of the significant challenges for resource constrained networks, which requires attention. Several defense solutions [53], [54], [67], [92], [93] use cryptography techniques like Hash Chain Authentication, Merkle Tree Authentication, and Dynamic Keying impose computational, memory, and energy overhead on resource constrained devices. These overheads affect node lifetime, which is an essential criterion for critical IoT applications, e.g., industrial, forest, and landslide monitoring.…”
Section: Directionsmentioning
confidence: 99%
“…Cryptography Challenges: The key management is one of the significant challenges for resource constrained networks, which requires attention. Several defense solutions [53], [54], [67], [92], [93] use cryptography techniques like Hash Chain Authentication, Merkle Tree Authentication, and Dynamic Keying impose computational, memory, and energy overhead on resource constrained devices. These overheads affect node lifetime, which is an essential criterion for critical IoT applications, e.g., industrial, forest, and landslide monitoring.…”
Section: Directionsmentioning
confidence: 99%
“…On the other side, in the case of rank attack an adversary can attract the large traffic by advertising false rank value, so non-optimal routes might be established. Solutions to address this problem are given in [60] and [61].…”
Section: B Security and Attacks In Rplmentioning
confidence: 99%
“…Separate keys for network segments [48] PS The solution was not implemented/simulated yet; Merkel trees authentication [54] PS Node uses a key to encrypt its messages; High jitter and E2E delay until tree has been established; Graph theoretic approach [55] PS Cryptographic techniques based on local broadcast keys; Low overhead, no synchronization needed; Sybil attack, Clone ID Distributed hash tables (DHT) to store the graphical location of nodes [48], [56] PS Problem in how to securely verify the node location; Might not scale well with large networks; DAG/DAO inconsistency attack Limit the rate of tickle timer resets [57] PS Threshold value is fixed, no network or node characteristics are taken into account; Adaptive threshold [58] PS Takes into account the network characteristics; Dynamic approach [59] PS Improved version as node specific parameters are used; Rank attack VeRa [60] PS Authentication mechanism based on hash operations; Low time overhead, but still vulnerable to rank attacks by forgery and replay; TRAIL [61] PS Improvement of VeRa, requires almost no cryptography, but shows dependency on network sizes; choose to selectively forward data or drop all received packets. In both scenarios the network operation would be disturbed.…”
Section: Psmentioning
confidence: 99%
“…Version number attacks have also been suggested previously [12,13], but their effects have not been analyzed to understand whether it would be prudent to mitigate such attacks or not. The Version Number and Rank Authentication (VeRA) [13] approach provides integrity of version numbers and ranks advertised in control messages via hash and signature operations.…”
Section: Related Workmentioning
confidence: 99%