Krentz, Konrad-Felix; Rafiee, Hosnieh; Meinel, Christoph
Proceedings of the 1st ACM International Workshop on Adaptive Security & Privacy Management for the Internet of Things (ASPI 2013)
6LoWPAN is a protocol stack for seamlessly integrating 802.15.4-based wireless sensor networks with IPv6 networks. The security of 6LoWPAN widely depends on the 802.15.4 security sublayer. This sublayer also supports pairwise keys so as to mitigate node compromises. Currently, the establishment of pairwise keys is however unspecified. Moreover, broadcast keys are shared among multiple nodes, which is not compromise resilient. In this paper, we propose two energy-efficient and DoS-resilient 802.15.4 add-ons to fill these gaps: First, a pairwise key establishment scheme, which is adaptable to different 6LoWPAN networks and threat models. Second, an easy-to-implement and compromise-resilient protocol for authenticating broadcast frames. Together, our add-ons contain the effects of node compromises and provide a basis for detecting compromised nodes autonomously. We implemented both add-ons in Contiki and tested them on TelosB motes.