Hi all !
I found this post : http://robin.forumup.it/about107-robin.html
I like to hear opinions about this possible security issue.
Thx in advance !
Hi,
I found this post : http://robin.forumup.it/about107-robin.html
I like to hear opinions about this possible security issue.
why do the security experts always find the same bug ? :D
As far as I know the WPA encryption is not supposed to secure _all_ your traffic. It is supposed to encrypt the traffic between your notebook and your accesspoint.
For meshing you need ad-hoc mode and in this mode you don't have a single authority to authenticate against. How should "mesh encryption" work - all nodes are "equal" ?
If you want to secure your network traffic, please use the higher security layers as SSL or similar technologies. They do _proper_ end to end encryption. Even if the WPA would work your traffic is not secure as the internet gateway and all stations after it still could sniff your traffic.
I would be very interested to hear from "williamruckman" what kind of packets he would inject to "capture all traffic or perform a man-in-the-middle attack". I suggest reading the "security considerations" section of this document first: https://www.open-mesh.net/batman/doc/draft-openmesh-b-a-t-m-a-n-00.txt
Regards, Marek
El Wednesday 09 April 2008 21:52:50 Marek Lindner escribió:
Hi,
I found this post : http://robin.forumup.it/about107-robin.html
I like to hear opinions about this possible security issue.
why do the security experts always find the same bug ? :D
As far as I know the WPA encryption is not supposed to secure _all_ your traffic. It is supposed to encrypt the traffic between your notebook and your accesspoint.
For meshing you need ad-hoc mode and in this mode you don't have a single authority to authenticate against. How should "mesh encryption" work - all nodes are "equal" ?
If you want to secure your network traffic, please use the higher security layers as SSL or similar technologies. They do _proper_ end to end encryption. Even if the WPA would work your traffic is not secure as the internet gateway and all stations after it still could sniff your traffic.
I would be very interested to hear from "williamruckman" what kind of packets he would inject to "capture all traffic or perform a man-in-the-middle attack". I suggest reading the "security considerations" section of this document first: https://www.open-mesh.net/batman/doc/draft-openmesh-b-a-t-m-a-n-00.txt
Regards, Marek _______________________________________________ B.A.T.M.A.N mailing list B.A.T.M.A.N@open-mesh.net https://list.open-mesh.net/mm/listinfo/b.a.t.m.a.n
Thanks for your reply. I hope I am not being annoying.
Obviously there are too many "security experts" out there.... :P
Regards, GUSL
The problem I see here is the possibility of unwanted batman nodes joining in and announcing wrong/ false gateway. Since adhoc will only support WEP and imo its not viable having batman run only over VPN, i think a symmetric key arrangement where in all nodes have the same password to join in routing would be a great addition. This basically is the concept of olsr secure plugin.
Regards, Vinay Menon
On Apr 10, 2008, at 7:25 AM, GUSL gfjl@ubbi.com wrote:
El Wednesday 09 April 2008 21:52:50 Marek Lindner escribió:
Hi,
I found this post : http://robin.forumup.it/about107-robin.html
I like to hear opinions about this possible security issue.
why do the security experts always find the same bug ? :D
As far as I know the WPA encryption is not supposed to secure _all_ your traffic. It is supposed to encrypt the traffic between your notebook and your accesspoint.
For meshing you need ad-hoc mode and in this mode you don't have a single authority to authenticate against. How should "mesh encryption" work - all nodes are "equal" ?
If you want to secure your network traffic, please use the higher security layers as SSL or similar technologies. They do _proper_ end to end encryption. Even if the WPA would work your traffic is not secure as the internet gateway and all stations after it still could sniff your traffic.
I would be very interested to hear from "williamruckman" what kind of packets he would inject to "capture all traffic or perform a man-in-the-middle attack". I suggest reading the "security considerations" section of this document first: https://www.open-mesh.net/batman/doc/draft-openmesh-b-a-t-m-a- n-00.txt
Regards, Marek _______________________________________________ B.A.T.M.A.N mailing list B.A.T.M.A.N@open-mesh.net https://list.open-mesh.net/mm/listinfo/b.a.t.m.a.n
Thanks for your reply. I hope I am not being annoying.
Obviously there are too many "security experts" out there.... :P
Regards, GUSL
B.A.T.M.A.N mailing list B.A.T.M.A.N@open-mesh.net https://list.open-mesh.net/mm/listinfo/b.a.t.m.a.n
On Thursday, 10. April 2008 10:23:58 Vinay Menon wrote:
The problem I see here is the possibility of unwanted batman nodes joining in and announcing wrong/ false gateway. Since adhoc will only support WEP and imo its not viable having batman run only over VPN, i think a symmetric key arrangement where in all nodes have the same password to join in routing would be a great addition. This basically is the concept of olsr secure plugin.
But announcing a wrong/false gateway wont help - that is why we have a blackhole detection or the preferred gateway option. You can choose your gateway.
IMHO the olsr secure plugin idea has a good intention but the concept is broken. There are several aspects: - As long as only a single instance (one admin) knows the key everything is fine. But every node joining the mesh will need that key. Either the admin has a _lot_ of freetime or you have to hand out the key. In the later case check Ebay from to time to time to find out about the value of your key. ;-) - Furthermore, batman is used for _community_ meshing. Everybody should be able to join quickly ... - You give your users a FALSE impression of security: "We have the secure plugin enabled - we are secure!". Still everybody can sniff the data, man in the middle, etc - Encryption on an embedded device like a router is a performance killer if the encryption is not done in the hardware itself. - Most important: Nothing is better than end to end encryption / authentication / authorization.
Greetings, Marek
On Thursday 10 April 2008 13:22:16 Marek Lindner wrote:
IMHO the olsr secure plugin idea has a good intention but the concept is broken. There are several aspects:
- As long as only a single instance (one admin) knows the key everything is
fine. But every node joining the mesh will need that key. Either the admin has a _lot_ of freetime or you have to hand out the key. In the later case check Ebay from to time to time to find out about the value of your key.
still that can be better than no security at all...
;-) - Furthermore, batman is used for _community_ meshing. Everybody should be able to join quickly ...
i basically agree, but some people might like to set up a more controlled environment. even in a community network this might be useful at times, for example if you want to set up a backbone network.
one way to solve this without a static key which has to be known to all nodes is using a public key infrastructure (PKI) with a certificate authority (CA). the clients can generate their own private and public keys and send the public key to be signed by the CA. that could go hand in hand with adding their nodes to a map and accepting some basic agreement (pico peering). after it has been signed they could start using encryption for an extra level of mesh security.
- You give your users a FALSE impression of security: "We have the secure
plugin enabled - we are secure!". Still everybody can sniff the data, man in the middle, etc
yes people have to understand that only the mesh protocol will be encrypted, not the data.
- Encryption on an embedded device like a router is a performance killer if
the encryption is not done in the hardware itself.
it's not too bad as long as the bandwith is low, as it would be the case with protocol traffic.
- Most important: Nothing is better than end to end encryption /
authentication / authorization.
that's true, but it doesn't help if the underlying mesh protocol can be disturbed easily by un-authenticated nodes and your traffic never reaches the other endpoint.
there are two different layers of adding authentication and encryption. one is the mesh protocol itself the other one is end-to-end user encryption. both are necessary if you want to make your network secure.
bruno
ditto bruno .
End to end encryption for clients is better done with openssl . Having to choose our gateway too is similar to having to choose then option or having secure routing or not more over .Entering the prefered gateway is same as entering preferred password the password is more dynamic and a bit more secure imo . If the admin wants he can secure the system and if its a open mesh then no need of security.....well oss is all about options isnt it?
Regards,
On Thu, Apr 10, 2008 at 2:04 AM, bruno randolf bruno@thinktube.com wrote:
On Thursday 10 April 2008 13:22:16 Marek Lindner wrote:
IMHO the olsr secure plugin idea has a good intention but the concept is broken. There are several aspects:
- As long as only a single instance (one admin) knows the key everything
is
fine. But every node joining the mesh will need that key. Either the
admin
has a _lot_ of freetime or you have to hand out the key. In the later
case
check Ebay from to time to time to find out about the value of your key.
still that can be better than no security at all...
;-) - Furthermore, batman is used for _community_ meshing. Everybody
should
be able to join quickly ...
i basically agree, but some people might like to set up a more controlled environment. even in a community network this might be useful at times, for example if you want to set up a backbone network.
one way to solve this without a static key which has to be known to all nodes is using a public key infrastructure (PKI) with a certificate authority (CA). the clients can generate their own private and public keys and send the public key to be signed by the CA. that could go hand in hand with adding their nodes to a map and accepting some basic agreement (pico peering). after it has been signed they could start using encryption for an extra level of mesh security.
- You give your users a FALSE impression of security: "We have the
secure
plugin enabled - we are secure!". Still everybody can sniff the data,
man
in the middle, etc
yes people have to understand that only the mesh protocol will be encrypted, not the data.
- Encryption on an embedded device like a router is a performance killer
if
the encryption is not done in the hardware itself.
it's not too bad as long as the bandwith is low, as it would be the case with protocol traffic.
- Most important: Nothing is better than end to end encryption /
authentication / authorization.
that's true, but it doesn't help if the underlying mesh protocol can be disturbed easily by un-authenticated nodes and your traffic never reaches the other endpoint.
there are two different layers of adding authentication and encryption. one is the mesh protocol itself the other one is end-to-end user encryption. both are necessary if you want to make your network secure.
bruno _______________________________________________ B.A.T.M.A.N mailing list B.A.T.M.A.N@open-mesh.net https://list.open-mesh.net/mm/listinfo/b.a.t.m.a.n
Hello,
i agree to Marek, just encryption won't give us security, and i think it's better to keep the mesh open and "unsafe" than having people a delusion of "security", which would probably make things worse.
Anyway, i'd like to add that there is more than WEP for Adhoc:
There is WPA-NONE, which can be used with wpa_supplicant. Basicly it works with static keys, but doesn't support re-keying, replay attack detection and such as there is of course no AP which would regulate these features. So this is probably much weaker than "normal" WPA-PSK. (I'd be interested in a proper "security" discussion/documentation about this).
Btw, this does not seem to be a standard thing (couldn't find it in 802.11i), and there is no proper documentation as far as i can see. If anyone finds something usable, please let me know. ;)
You can give it a try, have a look at [1] and search for WPA-NONE in the document. Be aware that drivers might not (yet?) work with that. I know from madwifi that it still tries to apply replay rules even in IBSS mode and thus won't work with more than 2 particapants (that would give a boring mesh, right?). :D
Best Regards, Simon
[1] http://user.uni-frankfurt.de/~testrad/wpa_supplicant/wpa_supplicant.conf.exa...
On Thu, Apr 10, 2008 at 07:53:58AM +0530, Vinay Menon wrote:
The problem I see here is the possibility of unwanted batman nodes joining in and announcing wrong/ false gateway. Since adhoc will only support WEP and imo its not viable having batman run only over VPN, i think a symmetric key arrangement where in all nodes have the same password to join in routing would be a great addition. This basically is the concept of olsr secure plugin.
Regards, Vinay Menon
Thanks for your reply. I hope I am not being annoying.
Obviously there are too many "security experts" out there.... :P
No, you are not anoying - I simply here that question over and over again. I'm sorry if my mail sounded too rough. May be I should prepare a template somewhere .. ;-)
If you or somebody else want to discuss / improve security I happily join the discussion.
Greetings, Marek
b.a.t.m.a.n@lists.open-mesh.org
-
bruno randolf -
GUSL -
Marek Lindner -
Simon Wunderlich -
Vinay Menon