Fortified Control-Plane Encapsulation with Session-Key Derivation for Secure IP Mesh Routing

Ad hoc routing protocols, widely used in mesh networks, lack inherent control plane security, making them vulnerable to classical attacks and future quantum threats. We present a security enhancement for the Optimized Link State Routing Protocol (OLSR) integrating post-quantum cryptography. Our approach embeds a Kyber512 key-encapsulation handshake within neighbor discovery (HELLO messages) to establish secure sessions. Subsequent HELLO and Topology Control (TC) messages are protected using ChaCha20-Poly1305 authenticated encryption (AEAD). This ensures neighbor authenticity, message confidentiality, and integrity against both classical and quantum adversaries without altering core OLSR routing logic. We detail the mechanism, including TLV-based packet extensions and cryptographic state management, using standard libraries (liboqs, OpenSSL). This provides a practical pathway towards quantumresilient mesh networking, with performance evaluated through parameters like handshake latency and control plane overhead. Future work can explore protocol-agnostic abstractions.