A Lightweight Defense Approach to Mitigate Version Number and Rank Attacks in Low-Power and Lossy Networks

Wireless Personal Communications

Abstract

The Internet of Things (IoT) presents a new paradigm of the future internet that intends to provide interactive communication between various processing objects via heterogeneous networks. The routing protocol in the IoT environment is the Routing Protocol for Low-Power and Lossy Networks (RPL). The current RPL specification defines primary security modes; it is therefore vulnerable to topological attacks. In this paper, the RPL routing mechanism, its topological vulnerabilities, and two important topological attacks, namely the version number attack and the rank spoofing attack, are analyzed. To counter these attacks, a lightweight scheme based on Identity Based Offline–Online Signature is proposed. Our evaluation shows that the proposed scheme is secure in the random oracle model and counters these attacks efficiently in terms of computational cost and energy consumption.



Author information

Corresponding author

Correspondence to Ali Movaghar.

About this article

Cite this article

Nikravan, M., Movaghar, A. & Hosseinzadeh, M. A Lightweight Defense Approach to Mitigate Version Number and Rank Attacks in Low-Power and Lossy Networks. Wireless Pers Commun 99, 1035–1059 (2018). https://doi.org/10.1007/s11277-017-5165-4

  • DOI: https://doi.org/10.1007/s11277-017-5165-4
