Proceedings of the 6 th International Conference on Computing and Informatics, ICOCI 2017 25-27April, 2017 Kuala Lumpur. Universiti Utara Malaysia (http://www.uum.edu.my ) Paper No. 119 735 THE AUTHENTICATION TECHNIQUES FOR ENHANCING THE RPL SECURITY MODE: A SURVEY Mohamad Faiz Razali, Mohd Ezanee Rusli, Norziana Jamil, Roslan Ismail, Salman Yussof College of Computer Science and Information Technology, Universiti Tenaga Nasional, Malaysia, techfree91@gmail.com,{Ezanee, Norziana, Roslan, Salman}@uniten.edu.my ABSTRACT. The IPv6 Routing Protocol for Low-Power and Lossy Net- works (RPL) was introduced as the routing standard for the Internet of Things (IoT) by the Internet Engineering Task Force (IETF) in 6LowPAN environment networks. It supports a secure version of routing control mes- sages while providing three security support modes known as Unsecured, Pre-installed and Authenticated Mode. Unsecured Mode is a default usage mode of RPL which is currently used for exchanging routing message. For now, RPL uses AES/CCM in order to provide confidentiality and integrity in its specification. Authenticated Mode is reserved for future work and must not be supported by symmetric cryptography for nodes intending to be a router in RPL network. The outside device needs to be authenticated to join the RPL network as a router. Currently, the RPL specification in RFC 6550 does not state how asymmetric cryptography can be implemented if the device is to be authenticated and to operate as a router. This paper pro- vides a survey of lightweight authentication schemes proposed for LLN. Keywords: RPL, security mode, authentication, cryptography, lightweight INTRODUCTION As the Internet keeps growing and computer networks become much bigger each day, se- curity becomes one of the most important pillars and a critical aspect to be considered. The same situation happens to Internet of Things (IoT). It is estimated that the number of IoT- enabled devices will reach approximately 25 billion by year 2025 (“Gartner Says 4.9 Billion,” 2014). With the contribution of the Internet, IoT becomes an emerging technology enabling other technologies to be combined such as radio frequency identification (RFID) technology, wireless communication technology and electronic product code (EPC) standard. Within IoT, all things in this world may become translucent due to the consistency of global real time information sharing. This is a reason why security becomes more sensitive within the development of IoT. Cyber-attackers are waiting for any opportunity available and any chances visible in IoT to hack into the network thus jeopardizing the entire network (Wen, Dong, & Zhang, 2012). Network nodes interact with each other using wireless chan- nels. These nodes may be left unattended as human workers cannot possibly attend to all of them. This situation could make them vulnerable to security and network attacks. Cyber- attackers can hijack the communication by providing their own nodes into the network. Fur- thermore, they can try to eavesdrop on messages exchanged between legal nodes and thus