Hybrid Protection of OLSR

1. Hybrid Protection of OLSR Anne Marie Hegland* Pål Spilling* Leif Nilsen*Øivind Kure‡ *UniK, University Graduate Center at Kjeller, Norway §Q2S, NTNU, Trondheim, Norway

2. Outline • Related Work • OLSR • Motivation for the hybrid protection scheme • The hybrid protection scheme • Protocol Outline • Security Considerations • Performance • Conclusions

3. Related work • SOLSR by Hong, Hong and Fu (AINA 2005) • All messages signed • Hash chains protect TTL and HopCount fields • Detect wormholes on the basis of Round-Trip-Time • Replay protection of OLSR • Timestamps • Adjih et al. (Med-Hoc-Net 2003) • Hafslund et al. (OLSR Interop and Workshop 2004) • MSN-receipts • Winjum et al. (ICN 2005) No need to protect OLSR TTL & HopCount. Hard to distinguish added delay due to wormhole from lower layer media contention MSN-receipt scales better than the time stamp-based solutions (Winjum et al. MILCOM ’05)

4. OLSR: The Optimized Link State Routing Protocol (RFC3626) • Proactive • Routing messages flooded by Multi Point Relay (MPR) nodes • Routing messages • All nodes: Hello • MPR nodes:TC(Topology Control) • Nodes with more interfaces: • MID(Multiple Interface Declaration) • HNA (Host and Network Association) A B C D Classical flooding A Flooded B C D MPR MPR flooding

5. Hello: Node A at your service! Motivation for securing OLSR • Threats: • Exhaustion • Route corruption • Replay • Blackhole • Masquerade • Selfish nodes • Wormholes • Eavesdropping • Byzantine Behavior Shall I believe that? Oh yeah? Hmmm.. Is that true? A main challenge: Trust establishment Authenticate the routing messages!

6. Cryptographic schemes

7. The hybrid protection scheme – protocol outline • Aim: a reliable network service • Utilize OLSR characteristics • Proactive broadcast nature • Many keep-alive messages • MPR selection and Topology changes most important to protect HELLO HELLO MSNi MSN1 hx hn h(MSNi-MSN1)(hx)=hn? sign t+a Routing Message Reception time t • Basics: IBS+hash chain • All messages include a fresh value from a hash chain • Sign periodically and when topology changes Hash chain

8. Packet and Message formats OLSR standard formats RFC3626 Hybrid protection scheme MSN-receipts for replay protection adopted from Winjum et al. (ICN’05)

9. Protocol outline: Routing message reception Receive message Old hash anchor available? Y N N New Message & hash OK? N Signed OK ? Discard Discard Y Y N N Y MSN-receipt OK? Discard Signed ? TC change or MSN-receipt errors ? Y Y Store hash anchor Distrust Continue process according to RFC 3626 N

10. Security Considerations hash + signatures inhibit persisting successful attacks Hash inhibit successful insertions C = malicious node Hash + MSN-receipts + signatures inhibit successful replays Neither hash, nor signatures enough! .... how likely are these attacks?

11. Performance: Channel utilization 1024/80:(1:3) refer to: -Signature size 1024 bits -Hash size 80 bits -Every 4th message signed

12. Conclusions • A reliable network service does not require all routing messages to be signed • The broadcast nature of the routing protocol combined with hash values make successful attacks harder. • Significant bandwidth savings can be obtained by combining signatures with hash values • Method applicable to other protocols as well

13. Thank You for Your attention!