A Security Threat Analysis for the Routing Protocol for Low-Power and Lossy Networks (RPLs)
RFC 7416
Document Type RFC - Informational (January 2015; No errata)
Last updated 2015-10-14
Replaces draft-ietf-roll-security-framework
Stream IETF
Formats plain text pdf html bibtex
Reviews
GENART Telechat Review (of -10): Ready with Issues
RTGDIR Last Call Review (of -09): Not Ready
GENART Last Call Review (of -09): Ready with Issues
SECDIR Telechat Review (of -01): Has Issues
GENART Last Call Review (of -00): Ready with Nits
SECDIR Last Call Review (of -00): Has Issues
Stream WG state Submitted to IESG for Publication
Document shepherd Robert Cragie
Shepherd write-up Show (last changed 2014-07-31)
IESG IESG state RFC 7416 (Informational)
Consensus Boilerplate Yes
Telechat date
Responsible AD Adrian Farrel
Send notices to (None)
IANA IANA review state Version Changed - Review Needed
IANA action state No IANA Actions
Email authors Email WG IPR References Referenced by Nits 
Internet Engineering Task Force (IETF)                           T. Tsao
Request for Comments: 7416                                  R. Alexander
Category: Informational            Eaton's Cooper Power Systems Business
ISSN: 2070-1721                                                M. Dohler
                                                                    CTTC
                                                                 V. Daza
                                                               A. Lozano
                                                Universitat Pompeu Fabra
                                                      M. Richardson, Ed.
                                                Sandelman Software Works
                                                            January 2015

                     A Security Threat Analysis for
      the Routing Protocol for Low-Power and Lossy Networks (RPLs)

Abstract

   This document presents a security threat analysis for the Routing
   Protocol for Low-Power and Lossy Networks (RPLs).  The development
   builds upon previous work on routing security and adapts the
   assessments to the issues and constraints specific to low-power and
   lossy networks.  A systematic approach is used in defining and
   evaluating the security threats.  Applicable countermeasures are
   application specific and are addressed in relevant applicability
   statements.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7416.

Tsao, et al.                  Informational                     [Page 1]
RFC 7416          Security Threat Analysis for ROLL RPL     January 2015

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Relationship to Other Documents . . . . . . . . . . . . . . .   4
   3.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   5
   4.  Considerations on RPL Security  . . . . . . . . . . . . . . .   5
     4.1.  Routing Assets and Points of Access . . . . . . . . . . .   6
     4.2.  The ISO 7498-2 Security Reference Model . . . . . . . . .   8
     4.3.  Issues Specific to or Amplified in LLNs . . . . . . . . .  10
     4.4.  RPL Security Objectives . . . . . . . . . . . . . . . . .  12
   5.  Threat Sources  . . . . . . . . . . . . . . . . . . . . . . .  13
   6.  Threats and Attacks . . . . . . . . . . . . . . . . . . . . .  13
     6.1.  Threats Due to Failures to Authenticate . . . . . . . . .  14
       6.1.1.  Node Impersonation  . . . . . . . . . . . . . . . . .  14
       6.1.2.  Dummy Node  . . . . . . . . . . . . . . . . . . . . .  14
       6.1.3.  Node Resource Spam  . . . . . . . . . . . . . . . . .  15
     6.2.  Threats Due to Failure to Keep Routing Information
           Confidential  . . . . . . . . . . . . . . . . . . . . . .  15
       6.2.1.  Routing Exchange Exposure . . . . . . . . . . . . . .  15
       6.2.2.  Routing Information (Routes and Network Topology)
               Exposure  . . . . . . . . . . . . . . . . . . . . . .  15
     6.3.  Threats and Attacks on Integrity  . . . . . . . . . . . .  16
       6.3.1.  Routing Information Manipulation  . . . . . . . . . .  16
       6.3.2.  Node Identity Misappropriation  . . . . . . . . . . .  17
     6.4.  Threats and Attacks on Availability . . . . . . . . . . .  18
       6.4.1.  Routing Exchange Interference or Disruption . . . . .  18
       6.4.2.  Network Traffic Forwarding Disruption . . . . . . . .  18
       6.4.3.  Communications Resource Disruption  . . . . . . . . .  20
       6.4.4.  Node Resource Exhaustion  . . . . . . . . . . . . . .  20

Tsao, et al.                  Informational                     [Page 2]
Show full document text
ISOC IETF Trust RFC Editor IRTF IESG IETF IAB IASA & IAOC IETF Tools IANA