Hello,
I recently came across Batman Adv and the question arose in my mind whether it is possible to authenticate the routing information exchange - for example with HMAC as in babel. This would for example prevent attacks where a malicious node says "I have the perfect route to the destination!". I am not concerned with encryption or authentication of the traffic, only of the routing information. Is there anything like this in Batman (Adv)? If not, is it planned to implement something like this? If there isn't, does anyone have an idea how something like this could be done differently (in a different layer)?
I would be very happy to receive answers!
Greetings Marek Küthe
Hi,
I am not concerned with encryption or authentication of the traffic, only of the routing information. Is there anything like this in Batman (Adv)?
currently, batman-adv has no mesh authentication built-in.
If not, is it planned to implement something like this?
I am not aware anyone is working on this topic.
If there isn't, does anyone have an idea how something like this could be done differently (in a different layer)?
The typical approach is to use WiFi encryption (IBSS RSN or 11s SAE) which gives you the additional benefit of traffic encryption. SAE also allows a separate encryption key per peer to avoid having a sharde secret which can leak.
Cheers, Marek
b.a.t.m.a.n@lists.open-mesh.org
-
Marek Küthe -
Marek Lindner