Adrian Byszuk wrote:
Hello,
I'm currently working on a project (part of my Bachelor's work) which will be used to transfer very sensitive data over the network, and I'd like to use mesh networks to transfer this data. Additionally, it should also be possible for "normal people" to connect to this network (e.g. to surf the internet). Preliminarily, I've chosen BATMAN to build this network. But I've got a few questions regarding the security of this solution:
- Does BATMAN provide any method of *authenticating* nodes?
As I've said earlier, sometimes the transferred data will be highly sensitive (for example: information on patients' health in a hospital), so it's absolutely critical not to allow this information to leak. I can imagine a situation where some fake node claims "Hey, I'm the server collecting this data"... I think this is also important when someone tries to destroy our mesh network by placing some fake nodes in it.
No, it doesn't provide any form of authentication. Normally this should be done in a layer above batman-adv. As in other network setups, it is possible for a node to create a local blackhole by claiming that it is the perfect route or that it is someone else. Maybe Simon can give more information about such strategies.
I would say that it is a good idea not to allow other nodes to join the mesh directly if you have mission-critical data sent over it.
- If point number one isn't possible, maybe there is some other way to ensure security? I don't know too much about security or cryptography, but I can think of solutions such as OpenVPN or IPsec.
Correct. This is the best way to do it. To prevent others from entering the mesh setup it should be possible to use wpa_none. Maybe there are other suggestions floating around on the mailing list.
Generally, the goal is to ensure the security of transmitting some data *without* losing the open characteristics of a mesh network.
The problem is that you have two different goals. It is ok to say that data must be encrypted over the mesh (VPN/IPsec/...), but it is hard to keep something really open and at the same time prevent the user from having control over the mesh (because the mesh is not for the nodes, but the nodes form the mesh).
But if it is only important that data cannot be captured by other people, then go for a good higher-level encryption and authentication strategy.
And are you sure that you really want to connect end users to the mesh directly? It is a lot easier to use dedicated nodes (ask Linus or Marek) which connect to the mesh and provide some kind of gateway to/over the mesh. Those endpoints could, for example, also be used to provide the VPN (depends on your setup).
Best regards, Sven
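As an added illustration of the two layers Sven separates (this is not code from the thread or from the batman-adv project), the script below emits a wpa_supplicant ad-hoc configuration in its open form and in its wpa_none-keyed form, and shows the bat0 bring-up that sits on top; the interface name wlan0, the SSID, the channel and the placeholder passphrase are my assumptions. The VPN/IPsec layer for the sensitive traffic is still configured on bat0 afterwards, since batman-adv itself authenticates nothing.

```shell
#!/bin/sh
# Added example: wpa_supplicant + batman-adv bring-up with a link-layer key.
# Assumptions (not from the thread): interface wlan0, SSID "hospital-mesh",
# channel 1 (2412 MHz) and a placeholder passphrase that must be replaced.
set -eu

MESH_IF="${MESH_IF:-wlan0}"
MESH_SSID="${MESH_SSID:-hospital-mesh}"
MESH_FREQ="${MESH_FREQ:-2412}"
MESH_PSK="${MESH_PSK:-REPLACE-WITH-A-LONG-RANDOM-PASSPHRASE}"

# Weak setting: an open ad-hoc cell. Anyone in radio range joins, becomes a
# batman-adv originator and can announce itself as the best route.
gen_open_ibss_conf() {
    printf 'ap_scan=2\nnetwork={\n\tssid="%s"\n\tmode=1\n\tfrequency=%s\n\tkey_mgmt=NONE\n}\n' \
        "$MESH_SSID" "$MESH_FREQ"
}

# Corrected setting: WPA-NONE keys every frame with one shared group key, so a
# radio without the passphrase cannot decode batman-adv OGMs, let alone join.
# WPA-NONE is a legacy mode (wpa_supplicant -D wext); on nl80211 drivers the
# equivalent is an RSN IBSS (proto=RSN, key_mgmt=WPA-PSK, pairwise=CCMP).
gen_wpa_none_ibss_conf() {
    printf 'ap_scan=2\nnetwork={\n\tssid="%s"\n\tmode=1\n\tfrequency=%s\n\tproto=WPA\n\tkey_mgmt=WPA-NONE\n\tpairwise=NONE\n\tgroup=TKIP\n\tpsk="%s"\n}\n' \
        "$MESH_SSID" "$MESH_FREQ" "$MESH_PSK"
}

# Bring up the mesh: wpa_supplicant owns the radio, batman-adv owns routing.
# Needs root plus wpa_supplicant, iw, ip and batctl; only runs with "up".
bring_up_mesh() {
    gen_wpa_none_ibss_conf > /etc/wpa_supplicant/mesh.conf
    ip link set "$MESH_IF" down
    iw dev "$MESH_IF" set type ibss
    ip link set "$MESH_IF" up
    wpa_supplicant -B -i "$MESH_IF" -c /etc/wpa_supplicant/mesh.conf
    batctl if add "$MESH_IF"          # enslave the keyed radio to bat0
    ip link set bat0 up
    # The VPN/IPsec endpoint for patient data is then configured on bat0.
}

if [ "${1:-}" = "up" ]; then
    bring_up_mesh
fi
```

Running `sh mesh.sh up` on a node performs the bring-up; without an argument the script only defines the functions, so the generated configuration can be inspected first.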