[Olsr-dev] olsrd web of trust plug-in

Henning Rogge (spam-protected)
Mon Dec 22 13:25:21 CET 2008

Just as a comment, I DONT want to spoil your work, we have worked on similar 
staff at work... but there are a few problems I would like to share. Maybe we 
can create an even better idea together.

On Montag 22 Dezember 2008 13:21:31 you wrote:
> Yes, I am aware of this. As with this approach signature messages only
> travel one hop,
That's dangerous for security... you just need two attackers (or one attacker 
which simulates two or more nodes) to insert forged packages into a legal 
network.  (I'm talking about an insider attacker, who owns a single legal node 
of the network)

> to solve the problem we are planning to use session
> keys and multiple symmetric signature messages based on that session
> keys.
Yes, that is a possibility, I know... the packages will just grow larger 
proportional to the number of 1-hop neighbors.

> Another big issue is the fact that as each node has a subjective view
> of the network, in terms of trust metric, routing loops may occur.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20081222/b6815a1f/attachment.sig>

More information about the Olsr-dev mailing list