6. Security Considerations

Security issues are described in Section 5.4. The security considerations in RFC 4919 [RFC4919], RFC 4944 [RFC4944], and RFC 4593 [RFC4593] apply as well.

The use of wireless links renders a 6LoWPAN susceptible to attacks like any other wireless network. In outdoor 6LoWPANs, the physical exposure of the nodes allows an adversary to capture, clone, or tamper with these devices. In ad hoc 6LoWPANs that are dynamic in both their topology and node memberships, a static security configuration does not suffice. Spoofed, altered, or replayed routing information might occur, while multihopping could delay the detection and treatment of attacks.

This specification expects that the link layer is sufficiently protected, either by means of physical or IP security for the backbone link, or with MAC-sublayer cryptography. However, link-layer encryption and authentication may not be sufficient to provide confidentiality, authentication, integrity, and freshness to both data and routing protocol packets. Time synchronization, self-organization, and secure localization for multi-hop routing are also critical to support.

For secure routing protocol operation, it may be necessary to consider authenticated broadcast (and multicast) and bidirectional link verification. On the other hand, secure end-to-end data delivery can be assisted by the routing protocol. For example, multi-path routing could be considered for increasing security to prevent selective forwarding. However, the challenge is that 6LoWPANs already have high resource constraints, so that 6LBR and LoWPAN nodes may require different security solutions.