A Secure and Efficient Low-power Bootstrapping and Commissioning Protocol for 6LoWPAN

Abstract

This thesis is devoted to define a novel bootstrapping protocol for 6LoWPAN (IPv6 based Lowpower Wireless Personal Area Network). Bootstrapping is the way of associating a new node with a specific network with or without minimum human intervention and gets connected with the desired network. Generally, the gateway or the Personal Area Network (PAN) coordinator of a 6LoWPAN network is multihop away from new sensor nodes. In this thesis, we propose a novel protocol ？gLow-power Bootstrapping and Commissioning Protocol (LBCP)？h for 6LoWPAN which satisfies multihop property of 6LoWPAN. In our protocol we assume three different kinds of sensor nodes called a new device as LBD, an already bootstrapped device as LBA, and the gateway or the PAN coordinator as LBS. An LBA helps an LBD to communicate with the LBS and eventually gets connected with the network. For secure authentication of new sensor nodes we propose to use existing EUI-64 address and ？gjoin key？h which are known by the LBS. We call this method as centralized approach. We also introduce the concept of semidistributed approach where ？gjoin keys？h of new nodes are randomly distributed to agent nodes or LBAs, and LBAs can perform bootstrapping actions without help of the LBS. We propose two novel LBA selection algorithms to select the best LBA in the bootstrapping phase for both centralized and semi-distributed approaches. To prevent denial-of-service (DoS) attack in the bootstrapping phase we provide some roles to LABS and already commissioned devices, and define a blacklisting policy in the LBS. To show the effectiveness of our protocol we simulate our protocol in a discrete event simulator called QualNet. The simulation results show that our protocol is scalable as well as efficient in terms of number of control packets exchanged in the bootstrapping phase and average end-to-end delay between LBD and LBS. We compare LBCP with basic flooding scheme where bootstrapping is performed using only broadcast of request and reply messages. Latter, we discuss about various security attacks in bootstrapping phases and how we can provide solution for those attacks. Finally, we argue that the usage of agent nodes is very useful for secure network bootstrapping of 6LoWPAN.