Securing 6LoWPAN Neighbor Discovery

Abstract

The IEEE 802.15.4-based 6LoWPAN is a de facto standard platform for a variety of Internet-of-Things applications. To bootstrap the low-power wireless personal area Network (LoWPAN), each device must perform the 6LoWPAN neighbor discovery (6LoWPAN-ND) address registration so that a unique IPv6 address can be allocated to each device. Without a suitable security mechanism, the 6LoWPAN-ND is vulnerable to various security attacks including the compromised node attack. Although a few security mechanisms have been proposed, they are not satisfactory as they depend on the IEEE 802.15.4 hop-by-hop security without specifying how to share the hop-by-hop keys and without considering the compromised node attack. As previous studies for securing 6LoWPAN-ND address registration have security weaknesses, a new security mechanism resilient to compromised node attack, and with a key management system for the IEEE 802.15.4 hop-by-hop security embedded in its design, is proposed and analyzed in this article. We also show that the proposed security mechanism is compatible with the Internet engineering task force (IETF) standard and is more efficient than the mechanism proposed in IETF 6lo WG.