TY - GEN
T1 - Fortified control-plane encapsulation with session-key derivation for secure IP mesh routing
AU - Amponis, George
AU - Radoglou-Grammatikis, Panagiotis
AU - Lagkas, Thomas
AU - Argyriou, Vasileios
AU - Sarigiannidis, Antonios
AU - Kazakli, Natasa
AU - Boufikos, Thomas
AU - Sarigiannidis, Panagiotis
PY - 2025/8/26
Y1 - 2025/8/26
N2 - Ad hoc routing protocols, widely used in mesh networks, lack inherent control plane security, making them vulnerable to classical attacks and future quantum threats. We present a security enhancement for the Optimized Link State Routing Protocol (OLSR) integrating post-quantum cryptography. Our approach embeds a Kyber512 key-encapsulation handshake within neighbor discovery (HELLO messages) to establish secure sessions. Subsequent HELLO and Topology Control (TC) messages are protected using ChaCha20-Poly1305 authenticated encryption (AEAD). This ensures neighbor authenticity, message confidentiality, and integrity against both classical and quantum adversaries without altering core OLSR routing logic. We detail the mechanism, including TLV-based packet extensions and cryptographic state management, using standard libraries (liboqs, OpenSSL). This provides a practical pathway towards quantum-resilient mesh networking, with performance evaluated through parameters like handshake latency and control plane overhead. Future work can explore protocol-agnostic abstractions.
AB - Ad hoc routing protocols, widely used in mesh networks, lack inherent control plane security, making them vulnerable to classical attacks and future quantum threats. We present a security enhancement for the Optimized Link State Routing Protocol (OLSR) integrating post-quantum cryptography. Our approach embeds a Kyber512 key-encapsulation handshake within neighbor discovery (HELLO messages) to establish secure sessions. Subsequent HELLO and Topology Control (TC) messages are protected using ChaCha20-Poly1305 authenticated encryption (AEAD). This ensures neighbor authenticity, message confidentiality, and integrity against both classical and quantum adversaries without altering core OLSR routing logic. We detail the mechanism, including TLV-based packet extensions and cryptographic state management, using standard libraries (liboqs, OpenSSL). This provides a practical pathway towards quantum-resilient mesh networking, with performance evaluated through parameters like handshake latency and control plane overhead. Future work can explore protocol-agnostic abstractions.
KW - Control Plane Security
KW - Kyber
KW - Mesh Networking
KW - Network Security
KW - OLSR
KW - Post-Quantum Cryptography
U2 - 10.1109/CSR64739.2025.11130165
DO - 10.1109/CSR64739.2025.11130165
M3 - Conference contribution
AN - SCOPUS:105016227635
SN - 9798331535926
T3 - Proceedings of the 2025 IEEE International Conference on Cyber Security and Resilience, CSR 2025
SP - 944
EP - 949
BT - Proceedings of the 2025 IEEE International Conference on Cyber Security and Resilience, CSR 2025
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 5th IEEE International Conference on Cyber Security and Resilience, CSR 2025
Y2 - 4 August 2025 through 6 August 2025
ER -