[B.A.T.M.A.N.] About making batman-adv mesh network invisible (by encrypting Beacon frame)

Simon Wunderlich sw at simonwunderlich.de
Mon Apr 1 11:59:17 CEST 2019


Hi Xuebing,

at least for Ad-Hoc mode, you can't hide the SSID without changing the kernel 
driver (mac80211). Encrypting the beacon doesn't help here, as the SSID needs 
to be clear text eventually even if management frames get encrypted.

Cheers,
       Simon

On Saturday, March 30, 2019 11:50:27 AM CEST Xuebing Wang wrote:
> Hi community,
> 
> We have batman-adv + OpenWRT + ath9k chip + ath9k driver reliably
> running for about 2 years. The biggest batman-adv mesh network is with
> 100+ nodes.
> 
> As this is a closed network, we have a new requirement which is to make
> our batman-adv mesh network invisible, although the current SSID is just
> some meaningless characters.
> 
> One thought is hidden_ssid. But, it seems hidden_ssid is only supported
> for AP mode (not IBSS mode).
> 
> 802.11w does not protect Beacon frame (because it is before four-ways
> handshake).
> 
> As this is a closed network, what about encrypting Beacon (maybe all
> management frames later) using a hard-coded key in wpa_supplicant?
> 
> Thanks for your help.
> 
> Xuebing Wang

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.open-mesh.org/pipermail/b.a.t.m.a.n/attachments/20190401/0155aa90/attachment.sig>


More information about the B.A.T.M.A.N mailing list