{"title":"优化链路状态路由协议版本2 (OLSRv2)中的路由器和链路导纳控制","authors":"T. Clausen, U. Herberg","doi":"10.1109/NSS.2010.20","DOIUrl":null,"url":null,"abstract":"This paper presents security mechanisms for router and link admittance control in OLSRv2. Digitally signing OLSRv2 control messages allows recipient routers to - individually - choose to admit or exclude the originating router for when populating link-state databases, calculating MPR sets etc. By additionally embedding signatures for each advertised link, recipient routers can also control admittance of each advertised link in the message, rendering an OLSRv2 network resilient to both identity-spoofing and link-spoofing attacks. The flip-side of the coin when using such a link-admittance mechanism is, that the number of signatures to include in each OLSRv2 control message is a function of the number of links advertised. For HELLO messages, this is essentially the number of neighbor routers, for TC messages, this is the number of MPR Selectors of the originator of the message. Also, upon receipt of a control message, these signatures are to be verified. This paper studies the impact of adding a link-admittance control mechanism to OLSRv2, both in terms of additional control-traffic overhead and additional in-router processing resources, using several cryptographic algorithms, such as RSA and Elliptic Curve Cryptography for very short signatures.","PeriodicalId":127173,"journal":{"name":"2010 Fourth International Conference on Network and System Security","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Router and Link Admittance Control in the Optimized Link State Routing Protocol Version 2 (OLSRv2)\",\"authors\":\"T. Clausen, U. Herberg\",\"doi\":\"10.1109/NSS.2010.20\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents security mechanisms for router and link admittance control in OLSRv2. Digitally signing OLSRv2 control messages allows recipient routers to - individually - choose to admit or exclude the originating router for when populating link-state databases, calculating MPR sets etc. By additionally embedding signatures for each advertised link, recipient routers can also control admittance of each advertised link in the message, rendering an OLSRv2 network resilient to both identity-spoofing and link-spoofing attacks. The flip-side of the coin when using such a link-admittance mechanism is, that the number of signatures to include in each OLSRv2 control message is a function of the number of links advertised. For HELLO messages, this is essentially the number of neighbor routers, for TC messages, this is the number of MPR Selectors of the originator of the message. Also, upon receipt of a control message, these signatures are to be verified. This paper studies the impact of adding a link-admittance control mechanism to OLSRv2, both in terms of additional control-traffic overhead and additional in-router processing resources, using several cryptographic algorithms, such as RSA and Elliptic Curve Cryptography for very short signatures.\",\"PeriodicalId\":127173,\"journal\":{\"name\":\"2010 Fourth International Conference on Network and System Security\",\"volume\":\"33 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 Fourth International Conference on Network and System Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NSS.2010.20\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Fourth International Conference on Network and System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NSS.2010.20","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Router and Link Admittance Control in the Optimized Link State Routing Protocol Version 2 (OLSRv2)
This paper presents security mechanisms for router and link admittance control in OLSRv2. Digitally signing OLSRv2 control messages allows recipient routers to - individually - choose to admit or exclude the originating router for when populating link-state databases, calculating MPR sets etc. By additionally embedding signatures for each advertised link, recipient routers can also control admittance of each advertised link in the message, rendering an OLSRv2 network resilient to both identity-spoofing and link-spoofing attacks. The flip-side of the coin when using such a link-admittance mechanism is, that the number of signatures to include in each OLSRv2 control message is a function of the number of links advertised. For HELLO messages, this is essentially the number of neighbor routers, for TC messages, this is the number of MPR Selectors of the originator of the message. Also, upon receipt of a control message, these signatures are to be verified. This paper studies the impact of adding a link-admittance control mechanism to OLSRv2, both in terms of additional control-traffic overhead and additional in-router processing resources, using several cryptographic algorithms, such as RSA and Elliptic Curve Cryptography for very short signatures.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
