Timestamps and freshness

In a situation like depicted in figure 11.7, an advisory records signed traffic and plays it back at a later stage. This can be prevented to some degree by sequence numbers which are already utilized in OLSR, but for traffic that is only to be sent one hop, like HELLO messages, this is of little or no help. An evildoer can simply record all messages transmitted by a node and move to another area of the network where the HELLO messages recorded was never heard. Here the evildoer can start a replay attack by transmitting the recorded messages. The OLSR sequence numbers are also weak because of their length. They are only 16-bit values and wrap-around will occur rather frequent. The wrap-around mechanism used in OLSR makes the sequence numbers even weaker with respect to freshness.

Figure: A replay attack on OLSR. The attacker records signed messages and plays them back on a later stage or to nodes that has no record of the sequence numbers of some of the recorded messages.