TRAIL: Topology Authentication in RPL

TL;DR

TRAIL is a scalable topology authentication scheme for RPL in IoT networks that detects topological attacks without heavy cryptography, enhancing security in low-power lossy environments.

Contribution

The paper introduces TRAIL, a novel topology authentication method for RPL that identifies attackers efficiently without relying on cryptographic solutions.

Findings

TRAIL effectively detects topological attacks in RPL networks.

TRAIL operates reliably without heavy cryptographic overhead.

The scheme is scalable for large IoT deployments.

Abstract

The IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) was recently introduced as the new routing standard for the Internet of Things. Although RPL defines basic security modes, it remains vulnerable to topological attacks which facilitate blackholing, interception, and resource exhaustion. We are concerned with analyzing the corresponding threats and protecting future RPL deployments from such attacks. Our contributions are twofold. First, we analyze the state of the art, in particular the protective scheme VeRA and present two new rank order attacks as well as extensions to mitigate them. Second, we derive and evaluate TRAIL, a generic scheme for topology authentication in RPL. TRAIL solely relies on the basic assumptions of RPL that (1) the root node serves as a trust anchor and (2) each node interconnects to the root as part of a hierarchy. Using proper reachability tests, TRAIL scalably and reliably identifies any topological attacker without strong cryptographic efforts.