Home

TrustRouter

TrustRouter is an implementation of the Secure Neighbor Discovery Protocol (SEND, RFC 3971). Its focus is on securing router advertisements in IPv6 networks. Even though it is specified in the SEND RFC, TrustRouter does not implement CGAs and does not secure neighbor advertisements as of yet. TrustRouter will be available as a one-click solution that can be installed on clients running Linux, Mac OS X, and Windows. In addition to that, TrustRouter will also be integrated in the router advertisement daemon radvd.

The Team

TrustRouter is a project developed by the following five master students of IT-Systems Engineering at Hasso-Plattner-Institute Potsdam, Germany: Robert Aschenbrenner, Michael Goderbauer, Martin Hanysz, Martin Krüger, and Thomas Zimmermann. The project is supervised by Dr. Martin von Löwis.

Do you have comments, questions, or remarks? Contact us at team@trustrouter.net.

Documentation

On the following pages we would like to give some background information about Router Advertisments and the SEND protocol. In addition to that, we are also going to explain our TrustRouter implementation in greater detail.

• Router Advertisments and SEND
  • What are Router Advertisements?
  • How does SEND work?
• SEND and Certificates
  • How are certificate chains formed for SEND?
  • How can I generate trust anchors and router certificates for testing?
• TrustRouter Implementation for Clients
  • Overview
  • OS-specific Modules
    • Linux
    • Mac OS X
    • Windows
  • Core Module
  • Security Module
• TrustRouter Utility Scripts
• TrustRouter Implementation for Routers
• Our Test-Setup with NDProtector