Abstract
Distance vector routing protocols (e.g., RIP) have been widely used on the Internet, and are being adapted to emerging wireless ad hoc networks. However, it is well-known that existing distance vector routing protocols are insecure due to: 1) the lack of strong authentication and authorization mechanisms; 2) the difficulty, if not impossibility, of validating routing updates which are aggregated results of other routers. In this paper, we introduce a secure routing protocol, namely S-RIP, based on a distance vector approach. In S-RIP, a router confirms the consistency of an advertised route with those nodes that have propogated that route. A reputation-based framework is proposed for determining how many nodes should be consulted, flexibly balancing security and efficiency. Our threat analysis and simulation results show that in S-RIP, a well-behaved node can uncover inconsistent routing information in a network with many misbehaving nodes assuming (in the present work) no two of them are in collusion, with relatively low extra routing overhead.
Version: April 12, 2004.
Chapter PDF
Similar content being viewed by others
References
Baker, F., Atkinson, R.: RIP-II MD5 Authentication. RFC 2082 (January 1997)
Bellovin, S.M.: Security Problems in the TCP/IP Protocol Suite. ACM Computer Communications Review 19(2), 32–48 (1989)
Case, J., Fedor, M., Schoffstall, M., Davin, J.: A Simple Network Management Protocol (SNMP). RFC 1157 (May 1990)
Deering, S., Hares, S., Perkins, C., Perlman, R.: Overview of the 1998 IAB Routing Workshop (RFC 2902) (August 2000)
Dempster, A.P.: Upper and Lower Probabilities Induced by a Multivalued Mapping. The Annals of Statistics 28, 325–339 (1967)
Garcia-Luna-Aceves, J.J., Murthy, S.: A Loop-Free Algorithm Based on Predecessor Information. In: Proceedings of IEEE INFOCOM, Boston, MA, USA (April 1995)
Goodell, G., Aiello, W., Griffin, T., Ioannidis, J., McDaniel, P., Rubin, A.: Working around BGP:AnIncrementalApproach to Improving Security andAccuracy in Interdomain Routing. In: Proc. of NDSS’03, San Diego, USA (February 2003)
Hedrick, C.: Routing Information Protocol. RFC 1058 (June 1988)
Hu, Y.C., Perrig, A., Johnson, D.B.: Efficient Security Mechanisms for Routing Protocols. In: Proc. NDSS 2003, San Diego, USA (February 2003)
Hu, Y.C., Perrig, A., Johnson, D.B.: Packet Leashes:A Defense againstWormhole Attacks in Wireless Networks. In: Proc. of IEEE INFOCOM 2003, San Francisco, USA (April 2003)
Hu, Y.C., Johnson, D.B., Perrig, A.: SEAD: Secure Efficient Distance Vector Routing for Mobile Wireless Ad Hoc Networks. Ad Hoc Networks Journal 1, 175–192 (2003)
Just, M., Kranakis, E., Wan, T.: Resisting Malicious Packet Dropping in Wireless Ad Hoc Networks. In: Proc. of ADHOCNOW 2003, Montreal, Canada (October 2003)
Kent, S., Atkinson, R.: IP Encapsulating Security Payload. RFC 2406 (November 1998)
Kent, S., Lynn, C., Seo, K.: Secure Border Gateway Protocol (Secure-BGP). IEEE Journal on Selected Areas in Communications 18(4), 582–592 (2000)
Malkin, G.: RIP Version 2. RFC 2453 (Standard) (November 1998)
McQuillan, J.M., Falk, G., Richer, I.: A Review of the Development and Performance of the ARPANET Routing Algorithm. IEEE Trans. on Comm. 26(12), 1802–1811 (1978)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
Mittal, V., Vigna, G.: Sensor-Based Intrusion Detection for Intra-Domain Distance-Vector Routing. In: Proc. of CCS 2002, Washington, D.C., USA (November 2002)
Murphy, S.L., Badger, M.R.: Digital Signature Protection of the OSPF Routing Protocol. In: Proc. of NDSS 1996, San Diego, USA (April 1996)
Padmanabhan, V.N., Simon, D.R.: Secure Traceroute to Detect Faulty or Malicious Routing. In: ACM SIGCOMM Workshop on Hot Topic in Networks, Princeton, NJ, USA (October 2002)
Pei, D., Massey, D., Zhang, L.: Detection of Invalid Announcements in RIP protocols. In: IEEE Globecom 2003, San Francisco, California, USA (December 2003)
Perlman, R.: Network Layer Protocols with Byzantine Robustness. PhD thesis, MIT (1988)
Perlman, R.: Interconnections: Bridges and Routers. Addison-Wesley, Reading (1992)
Rekhter, Y., Li, T.: A Border Gateway Protocol 4 (BGP-4), RFC 1771 (March 1995)
Resnick, P., Zeckhauser, R., Friedman, E., Kuwabara, K.: Reputation systems: Facilitating trust in Internet interactions. Communications of the ACM 43(12), 45–48 (2000)
Rivest, R.: The MD5 Message-Digest Algorithm, RFC 1321 (April 1992)
Shafer, G.: A Mathematical Theory of Evidence. Princeton University Press, Princeton (1976)
Smith, B.R., Garcia-Luna-Aceves, J.J.: Securing the Border Gateway Routing Protocol. In: Proceedings of Global Internet 1996, London, UK (November 1996)
Smith, B.R., Murphy, S., Garcia-Luna-Aceves, J.J.: Securing Distance-Vector Routing Protocols. In: Proc. of NDSS 1997, San Diego, USA (February 1997)
Wan, T., Kranakis, E., van Oorschot, P.C.: Secure Routing Protocols Using Consistency Checks and S-RIP. Technical Report TR-03-09, School of Computer Science, Carleton University, Ottawa, Canada (October 2003)
Wang, F.Y., Wu, F.S.: On the Vulnerablity and Protection of OSPF Routing Protocol. In: Proceedings of IEEE Seventh International Conference on Computer Communications and Networks, Lafayette, LA, USA, October 12-15 (1998)
White, R.: Securing BGP Through Secure Origin BGP. The Internet Protocol Journal 6(3), 15–22 (2003)
Yu, B., Singh, M.P.: Distributed Reputation Management for Electronic Commerce. Computational Intelligence 18(4), 535–549 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wan, T., Kranakis, E., van Oorschot, P.C. (2004). S-RIP: A Secure Distance Vector Routing Protocol. In: Jakobsson, M., Yung, M., Zhou, J. (eds) Applied Cryptography and Network Security. ACNS 2004. Lecture Notes in Computer Science, vol 3089. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24852-1_8
Download citation
DOI: https://doi.org/10.1007/978-3-540-24852-1_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22217-0
Online ISBN: 978-3-540-24852-1
eBook Packages: Springer Book Archive