On Thursday 10 April 2008 13:22:16 Marek Lindner wrote:
IMHO the olsr secure plugin idea has a good intention but the concept is broken. There are several aspects:
- As long as only a single instance (one admin) knows the key everything is
fine. But every node joining the mesh will need that key. Either the admin has a _lot_ of freetime or you have to hand out the key. In the later case check Ebay from to time to time to find out about the value of your key.
still that can be better than no security at all...
;-) - Furthermore, batman is used for _community_ meshing. Everybody should be able to join quickly ...
i basically agree, but some people might like to set up a more controlled environment. even in a community network this might be useful at times, for example if you want to set up a backbone network.
one way to solve this without a static key which has to be known to all nodes is using a public key infrastructure (PKI) with a certificate authority (CA). the clients can generate their own private and public keys and send the public key to be signed by the CA. that could go hand in hand with adding their nodes to a map and accepting some basic agreement (pico peering). after it has been signed they could start using encryption for an extra level of mesh security.
- You give your users a FALSE impression of security: "We have the secure
plugin enabled - we are secure!". Still everybody can sniff the data, man in the middle, etc
yes people have to understand that only the mesh protocol will be encrypted, not the data.
- Encryption on an embedded device like a router is a performance killer if
the encryption is not done in the hardware itself.
it's not too bad as long as the bandwith is low, as it would be the case with protocol traffic.
- Most important: Nothing is better than end to end encryption /
authentication / authorization.
that's true, but it doesn't help if the underlying mesh protocol can be disturbed easily by un-authenticated nodes and your traffic never reaches the other endpoint.
there are two different layers of adding authentication and encryption. one is the mesh protocol itself the other one is end-to-end user encryption. both are necessary if you want to make your network secure.
bruno