Improved Secure Neighbor Discovery Protocol (ISEND) for New Wireless Networks Generations

Imen El Bouabidi, Salima Smaoui, Faouzi Zarai, Mohammad S. Obaidat, Lotfi Kamoun

Abstract

In charge of several critical functionalities, the Neighbor Discovery Protocol (NDP) is used by IPv6 nodes to find out nodes on the link, to learn their link-layer addresses to discover routers, and to preserve reachability information about the paths to active neighbors. Given its important and multifaceted role, security and efficiency must be ensured. However, NDP is vulnerable to critical attacks such as spoofing address, denial-of-service (DoS) and reply attack. Thus, in order to protect the NDP protocol, the Secure Neighbor Discovery (SEND) was designed. Nevertheless, SEND’s protection still suffers from numerous threats and it is currently incompatible with the context of mobility and especially with the proxy Neighbor Discovery function used in Mobile IPv6. To overcome these limitations, this paper defines a new protocol named Improved Secure Neighbor Discovery (ISEND) which adapt SEND protocol to the context of mobility and extend it to new functionalities. The proposed protocol (ISEND) has been modeled and verified using the Security Protocol ANimator software (SPAN) for the Automated Validation of Internet Security Protocols and Applications (AVISPA) which have proved that authentication goals are achieved. Hence, the scheme is safe and efficient when an intruder is present.

References

  1. T. Narten et al., “Neighbor Discovery for IP Version 6 (IPv6),” RFC 4861, Sept. 2007; http://tools.ietf.org/html/rfc4861.
  2. P. Nikander, ed., J. Kempf, and E. Nordmark, “IPv6 Neighbor Discovery (ND) Trust Models and Threats”, IETF, RFC 3756, May 2004. http://tools.ietf. org/html/rfc3765.
  3. YE. Gelogo, RD. Caytiles, and B. Park, “Threats and Security Analysis for Enhanced Secure Neighbor Discovery Protocol (SEND) of IPv6 NDP Security” International Journal of Control and Automation Vol. 4, No. 4, December, 2011.
  4. J. Arkko, J. Kempf, B. Zill, and P. Nikander, “SEcure Neighbor Discovery (SEND),” IETF, RFC 3971, March 2005. http://tools.ietf.org/html/rfc3971.
  5. S. Krishnan, J. Laganier, M. Bonola, and A. GarciaMartinez, “Secure Proxy ND Support for SEND”, IETF, RFC 6496, February 2012. http://tools.ietf.org/html/rfc6496.
  6. J.-M. Combes, S. Krishnan, and G. Daley, “Securing Neighbor Discovery Proxy: Problem Statement,” IETF, RFC 5909, July 2010. http://tools.ietf.org/html/rfc5909
  7. P. Nikander and J. Arkko, “Delegation of Signalling Rights”, In Proceeding of the Security Protocols, 10th International Workshop, Cambridge, UK, April 16-19, 2002, LNCS 2845, pp. 203-212, Springer, 2003.
  8. T. Cheneau, M. Laurent Network, “Using SEND Signature Algorithm Agility and Multiple-Key CGA to Secure Proxy Neighbor Discovery and Anycast Addressing”, In 6th Conference on Network Architectures and Information Systems Security (SAR-SSI), 2011, pp. 1 - 7
Download


Paper Citation


in Harvard Style

El Bouabidi I., Smaoui S., Zarai F., Obaidat M. and Kamoun L. (2014). Improved Secure Neighbor Discovery Protocol (ISEND) for New Wireless Networks Generations . In Proceedings of the 11th International Conference on Wireless Information Networks and Systems - Volume 1: WINSYS, (ICETE 2014) ISBN 978-989-758-047-5, pages 71-77. DOI: 10.5220/0005123300710077


in Bibtex Style

@conference{winsys14,
author={Imen El Bouabidi and Salima Smaoui and Faouzi Zarai and Mohammad S. Obaidat and Lotfi Kamoun},
title={Improved Secure Neighbor Discovery Protocol (ISEND) for New Wireless Networks Generations},
booktitle={Proceedings of the 11th International Conference on Wireless Information Networks and Systems - Volume 1: WINSYS, (ICETE 2014)},
year={2014},
pages={71-77},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005123300710077},
isbn={978-989-758-047-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Wireless Information Networks and Systems - Volume 1: WINSYS, (ICETE 2014)
TI - Improved Secure Neighbor Discovery Protocol (ISEND) for New Wireless Networks Generations
SN - 978-989-758-047-5
AU - El Bouabidi I.
AU - Smaoui S.
AU - Zarai F.
AU - Obaidat M.
AU - Kamoun L.
PY - 2014
SP - 71
EP - 77
DO - 10.5220/0005123300710077