[riot-devel] RPL security extension
martin.landsmann at haw-hamburg.de
Tue Feb 11 13:38:12 CET 2014
I would like to provide security extensions to the RIOT-OS RPL implementation.
I probably identified the essential point(s) to start and hook a securing scheme for the routing process.
The first candidate is in the rpl worker thread (rpl_process) that waits for message reception to dispatch the incoming ICMP.
Processing DIOs is basically the crucial part here, as the provided information from the DIO directly affect the parent election.
The second one, and directly related to the first, would be the parent election process itself.
A Node have to be sure about that a potential parent node does not pretend an arbitrary rank.
With a secured parent election, no untrusted node is used as router by other nodes. (that's the basic idea)
So this seems to be the best suited (at least starting-) point to hook a security scheme for RPL.
In the diagram from Fabian on 'RPL at future state', the hook would reside in 'RPL Dodag'.
I want to start the implementation here and encapsulate the TRAIL scheme from PR #386 (https://github.com/RIOT-OS/RIOT/pull/386) with the hooks.
Regarding the 'RPL at future state' diagram, the hook(s) will migrate to the commonly used 'Forwarding Tables' and secure the 'Next Hop'.
I would ask what you think about it? Does it sound reasonable?
More information about the devel