Toward Collusion-Robust Link-State Routing in Open Networks

Open, self-organized networks present a formidable routing security challenge. When strangers are allowed to join the network as full citizens rather than just guests with limited privileges, new security paradigms must be adopted. Instead of making use of manual configuration phases or online certification authorities, we must rely on the routing layer to be robust against all manner of attacks, possibly mounted by powerful adversaries. With the explicit purpose of supporting byzantine secure routing in open multi-hop wireless networks, we propose a novel routing protocol design. The key components of our approach are the following: (a) we use link state information as the basis for routing, (b) we use asymmetric cryptography to authenticate link-state updates, limiting attackers to announcing fake links incident on themselves, (c) we develop a randomized feedback-based path generation algorithm to detect and route around attackers. We demonstrate that our protocol performs well under several attacks which are not handled by previous secure routing protocols. An interesting effect of our algorithm is that overly aggressive attacks are easier to detect and isolate. Thus, attackers are forced to: (a) let some traffic through, and (b) limit the number of potentially falsified links they announce. Otherwise, their negative effect in the network is reduced. This effectively limits the efficacy of any attack to a fraction of what would otherwise be possible.