In recent years, a new era has emerged in Internet networks called the Internet of Things (IoT) [1–2]. It is noteworthy that the Internet of Things has become extremely important, and its efficiency in connecting the billions of objects used has led to its expansion around the world [3–4]. The advent of the Internet of Things has led to the emergence of a particular category of networks that can be known as low-power networks and loss networks (LLN) [5–6]. LLNs can be used efficiently and practically in designing and manufacturing commercial devices for emerging markets. The Internet of Things includes the deployment of large-scale low-power networks (LLNs), including resource-limited devices such as sensors and RFIDs [7]. One of the challenges in LNNs is routing, which requires an effective routing protocol that meets the requirements of the program [8]. The Internet Engineering Task Force (IETF) proposed the 6LOWPAN Applicable Protocol for LLNs in the IoT environment [9]. One of the basic requirements for implementing and deploying LNNs on a large scale is routing in that infrastructure, and the protocols used for routing in WSN are not suitable for LNNs in an IoT network. Therefore, the IETF has provided a routing protocol for low power networks and loss (RPL) for LLNs in the Internet of Things. RPL is fully compatible with LLNs and supports all their traffic flow requirements in a wide range of applications [10]. The RPL routing protocol is based on IPv6 [11]. Restrictions on RPL-based networks cause network nodes to be exposed to a variety of security attacks [12]. In addition, RPL does not support security features and cannot provide complete security and routing security, thus making it vulnerable to all types of network attacks [13]. Even if encryption mechanisms are used for security, they can only prevent external attacks. When nodes in the network are compromised, they can become an internal enclosure within the network, in which case encryption techniques alone will not be able to protect the network. Extensive studies have been conducted on IoT network security. Since a large number of devices and network nodes use the RPL protocol, a huge range of network entities is exchanging important data. So, security in RPL becomes a very important issue that needs to be addressed significantly. Because in the routing process, the data that is being transmitted should not be accessed by an intruder or an unauthorized third party on the network or leaked out of the network. Although several security measures have been considered for the security of the RPL protocol, there are threats to the security of this protocol.
In this article, the vulnerabilities and security requirements of IoT have been examined. Since IOT includes a wide range of network devices and users, information security and privacy of the entities of this network are of great importance. Because network attackers can cause significant damage to this network by accessing or even causing a delay in reaching the destination. In IoT, many nodes have low computing power and are forced to use symmetric encryption systems to implement their security policies. But due to the use of a fixed key in this type of encryption system, when the symmetric key is exposed, it puts the whole network at risk. According to the investigations, we have presented a key agreement scheme and multiple authentications to improve the security of IoT network nodes. Also, due to the high vulnerability of network nodes with low computing power, we tried to make our presented method highly compatible with these types of IoT network nodes.
The protocol provided significant features as follows.
1- Improving the symmetric encryption system
The presented protocol provides a mechanism using the ECDH theory that network nodes can create their symmetric encryption key in each connection and a fixed symmetric key is no longer used for all entities. The symmetric key generated in each connection is unique and according to ECDH theory, it is impossible to calculate by attackers.
2- Multiple authentication mechanisms based on ECDH theory
In addition to using the private parameters of the communication nodes, the presented protocol also uses the ECDH theory to strengthen the authentication mechanism of the nodes.
3- Significant reduction in the computational cost of the protocol process
Due to the presence of low-power nodes in the network, a protocol has been provided to maintain its security features by significantly reducing the calculation time of the protocol operation. The computational cost of the proposed protocol is significantly lower than the related protocols.
In the following, the theories (ECC, ECDLP, ECDH) used in the proposed protocol, security challenges of the RPL routing protocol for routing low-power network nodes, and Security challenges in IoT are described.
A. Concepts of the cryptographic system:
1. Elliptical Curve Cryptography
Elliptic curve (ECC) cryptography is one of the modern techniques in the world of public-key cryptography and encryption, which is based on the elliptic curve theory. This asymmetric encryption mechanism can be used to create faster, smaller, and more efficient encryption keys. The ECC uses a mathematical process to merge two separate keys, and its output is used to encrypt and decrypt data. This asymmetric cryptography system uses an elliptical curve called E and a set of points with coordinates, 𝑝𝑓⋸ ∗ 𝑝𝑓⋸ () x, y. The points along the graph are represented by the following equations:
Y2 = x3 + ax + b
Where a,b ⋸ fp and 4a3 + 27b2 ╪ 0
The elliptic curve cryptography system consists of the sum of points and point multiplication, which are the two main factors of this cryptographic mechanism. The point multiplication factor is also called scalar multiplication. An example of scalar multiplication by multiplying K by P is given below to better understand this factor.
KP = P + P + P + P…. +P
2. Elliptic Curve Discrete Logarithm Problem (ECDLP)
In the ECC cryptographic system, the computational problem of the discrete logarithm problem of an elliptic curve is abbreviated to ECDLP, which forms the basic block in the pairing-based and elliptic curve mechanism. Now if we have two points named P and Q on the surface of an elliptic curve, the point Q is the result of calculating the scalar multiplication of the value of K at the point P. Given the problem of discrete logarithms mentioned earlier, if we have two points P and Q, it is very difficult and even impossible to calculate the parameter k, even with those two parameters. In the ECC encryption mechanism, this difficulty and impossibility of calculating the parameter are known as ECDLP or hard ellipse curve problems [14–15].
3. Delphi-Hellman ECDH Elliptic Curve
Other sub-theories of the ECC subset include Elliptic Curve Diffie–Hellman Key Exchange (ECDH), which is a method for key agreement between two entities based on anonymity. In this mechanism, each of the two communication parties has public and private keys based on the elliptic curve, which allows them to create their common session key or secrets in a secure name channel. Other sub-theories of the ECC subset include Elliptic Curve Diffie–Hellman Key Exchange (ECDH), which is a method for key agreement between two entities based on anonymity. In this mechanism, each of the two communication parties has public and private keys based on the elliptic curve, which allows them to create their common session key or secrets in a secure name channel. Consider the elliptic curve and assume that two points 𝑝. ai and 𝑝. 𝑏i are on the surface of this curve. The Delphi-Hellmann Curve (ECDH) problem expresses the principle that if a resident on the network has access to these two points, It is impossible for he/she to reach bi (ai. p) and ai (bi. p).
B. RPL Overview
The Routing Protocol for low power and lossy networks (RPL) is an IPv6-based routing protocol. This protocol was developed by the IETF Group and can be identified as Routing Over Low Power and Lossy Networks (ROLL) [16]. The purpose of designing this protocol is to present it as a standard for low-consumption and lossless networks that can include all sensor nodes in an IoT network. RPL works by exploring routes by setting up an RPL network, hence it is considered an active routing protocol. This routing protocol forms a tree-like topology known as the destination non-cyclical directional graph (DODAG). In an RPL network, each node selects a parent based on predefined criteria, which acts as a gateway to that node. When a node intends to send a packet to its intended destination, it does not have a routing table for it. So, he has to pass that package to his parent who has a route to the next destination or transfer. This process continues until it reaches the final destination in the tree. One of the most important factors for an RPL is the choice of path, which uses several criteria for this purpose. 3 traffic patterns can be mentioned for RPL packages. First, point-to-point (MP2P) traffic was sent from the leaves to the roots via upward paths. The second is point-to-point (P2MP) traffic from root to leaf using downward paths. Finally, the third pattern of point-to-point (P2P) traffic is represented by red dotted arrows using up and down paths.
C. RPL Security and challenges
The development and implementation of appropriate security mechanisms in low-power and lossy networks are critical [17–18]. As mentioned earlier, the IoT network has resource constraints for many network nodes, which makes the implementation and deployment of security mechanisms in RPL very complex and difficult. In the routing process, RPL transmits information between network nodes, and many security challenges have been identified. IoT network nodes exchange packets for routing and addressing, which requires the definition of protocols and security mechanisms for routing packets being transmitted. These mechanisms and protocols must be compatible with different network topologies [19]. In general, RPL devices are vulnerable due to their inability to resist tampering and allow network attackers to capture IoT nodes. In addition, it is possible to extract encrypted information and allow legal activity for an unauthorized node. An attacker with the ability to act as a network node tries to execute malicious code and try to change the routing rules. Each network node is responsible for processing, which makes it difficult to detect variable and destructive effects [20]. In the routing process between nodes, there are potential threats and security issues that cause vulnerabilities that can endanger users' lives in cases such as human health monitoring devices [21]. As in any network, the protection and security of network data are very important, so in RPL routing, this is an important and challenging issue. A malicious node sends packets that are being transmitted across the network to carry out their unauthorized activities. This enables the malicious person or node to perform all kinds of attacks on the data being routed [22]. However, research shows that the standards defined for RPL protocol security are not able to meet the security challenges of the IoT network.
Usually, there are other security mechanisms in the link layer that are used in some infrastructures. The RPL standard for security has introduced three modes that can provide security features of message confidentiality and integrity.
Unsecure mode
In this case, the control messages sent by RPL are delivered without any security mechanism in the network. It is possible to adopt security requirements and mechanisms in another layer, such as the link layer.
Pre-installed mode
In this node, any node that intends to join an RPL must have pre-defined keys. This is to ensure the security of RPL messages.
Authenticated Mode
This section is somewhat similar to the second mode, Pre-Installed. There are also pre-defined keys in this section, but with the difference that the keys are only for joining the RPL as a leaf node. The key can also be obtained from a central authentication reference.
Another security challenge in RPL is the large amount of information sent by network users, and the confidentiality of this data must be maintained. There are different encryption techniques to protect the privacy of users and the confidentiality of network users' information. These cryptographic systems are used for user authentication, privacy, and defense against a variety of network attacks. In addition, they provide conditions for the network that unauthorized persons are not able to operate and access network information. There are two techniques to use data encryption systems: symmetric and asymmetric encryption. The RPL protocol uses a symmetric encryption system to secure its data, which costs less than an asymmetric one. From the attack of symmetric encryption algorithms and standards, one can go to Advanced Encryption Standard (AES) and Message Authentication Code (CBC-MAC Counter (CCM)) - (AES / CCM) pointed out. In an asymmetric encryption system, the two sides of the communication use a secret key that is already shared between them to encrypt the data. A common key is used for all nodes, which makes it easier for the network attacker to access. If an attacker on the network has access to secret keys under certain conditions, he/she can carry out his malicious actions on the network and even insert his malicious nodes into the network. In such a case, the network becomes vulnerable to all kinds of security attacks and the security and privacy of network nodes are compromised. Once the secret keys of the network are exposed to the network attackers, the cryptographic systems will no longer be able to protect the network [23–24]. As mentioned, research shows that RPL has experienced significant vulnerabilities, so improvements in security mechanisms and the RPL routing protocol authentication system are essential [25–26]. The routing protocol requires mechanisms for identifying inconsistencies, loop avoidance, validation, and detecting inconsistencies. Although the security requirements for RPL security have been provided by the IEFT, a valid security model has not been identified, which has posed challenges to the routing protocol security. The key management mechanism in RPL does not specify the characteristics, authentication, and secure connection of nodes, which is a weakness in the design of the security standard. This design weakness makes the RPL protocol vulnerable to a variety of attacks [27]. Table 1 shows the types of routing attacks.
Table 1
Attack
|
Feature of the attach
|
Consequences on network’s performance
|
Rank
|
Rank field and strict rank rules are exploited.
|
Generates routing loops. Increases end-to-end delay, PDR, control packet overhead, congestion, and energy consumption. Introduces unoptimized routes.
|
Spoofing/replaying
Information
|
Create non-existent
information or partially
modify data
|
Attracting/repelling network traffic,
creating routing loops.
|
Selective forwarding
|
Refusing to forward
massages from selected
nodes
|
Reducing traffic and increasing data
loss
|
Blackhole
|
Failing to forward any
data packets including
its own
|
Reducing traffic and increasing data
loss
|
Sniffing
|
Network traffic is eavesdropped for obtaining routing information from packets.
|
Introduces privacy concerns.
|
Sinkhole
|
Advertising false information to create a center
of attraction for other
nodes.
|
Compromise of transmission routes,
reducing traffic and increasing data
loss.
|
Node replication
|
Physical capturing of a
node, its replication and
deployment back into
the network.
|
Compromise of transmission routes,
eavesdropping on the falsely created
links.
|
Jamming
|
Attacker transmits with high power radio signals to
introduce heavy interference.
|
Decreases PDR and increases energy consumption.
|
Wormhole
|
Create a low-link tunnel
between two malicious
nodes in different parts
of network
|
Sending data to the false distention,
undermining cryptography protection.
|
Sybil
|
Single nodes contain multiple logical identities.
|
Overcomes voting schemes, and compromises transmission routes by taking control of the network.
|
Hello flood
|
Broadcasting a hello
packet to the whole
network with great
transmission power.
|
Increasing energy degradation and
collisions, create false transmission
routes.
|
D. IoT Security challenges
The Internet of Things has provided many benefits to the users of this network, but despite this, there are challenges for this network. One of the most important challenges that researchers and security experts have pointed out is the cyber security and privacy risks of the Internet of Things network. Due to the connection of networks in the Internet of Things, access from the Internet is anonymous and unreliable, common cyber security attacks have made the Internet of Things network vulnerable [11]. The Internet of Things consists of a wide variety of devices, equipment, and computers, which makes it more vulnerable to various types of attacks and security challenges. The connection of IoT devices means that if a device in this network has poor security and connectivity, it can affect the security and flexibility of the Internet internationally.
A large amount of data is exchanged on the Internet of Things, which makes information security one of the most vulnerable areas. For example, we can mention contactless credit cards. These cards provide the possibility of reading the number and name of the cards without authentication of the Internet of Things and the conditions for them to purchase goods using the bank account number of the cardholder and their identity. One of the most common IoT attacks is the man in the middle. This attack causes the bank server to recognize the performed transaction as a valid event [19].
Even though the issue of security is not new in the information and technology sector, the implementation of the Internet of Things has presented challenges that must be addressed. One of the important security features is the authentication of network entities. Unfortunately, the Internet of Things is weak in providing this feature and suffers from various vulnerabilities, which is one of the most important issues in providing security in many programs.
Paper organization
Our goal in this paper is to focus on addressing the security challenges of the RPL protocol in routing nodes in the Internet of Things and providing a secure method of exchanging session keys as well as authentication of communication parties. The article is organized as follows. Related works are presented in the second section. Section III provides a proposed protocol for securing RPL. The security simulation results of the proposed protocol using the AVISPA network protocol review tool and the protocol resistance of the protocol against common network attacks are presented in Section IVSection V compares the performance of the proposed protocol in terms of computational cost and also compares it with other protocols related to RPL and IoT security. Finally, the conclusion of the paper is reported in section VI.