[Olsr-dev] olsrd web of trust plug-in

Henning Rogge (spam-protected)
Mon Dec 22 14:24:59 CET 2008


On Monday 22 December 2008 14:11:58 you wrote:
> On Mon, Dec 22, 2008 at 1:25 PM, Henning Rogge <(spam-protected)> wrote:
> > Just as a comment, I DON'T want to spoil your work, we have worked on
> > similar stuff at work... but there are a few problems I would like to
> > share. Maybe we can create an even better idea together.
>
> Yes, that would be great!
>
> > On Monday 22 December 2008 13:21:31 you wrote:
> >> Yes, I am aware of this. As with this approach signature messages only
> >> travel one hop,
> >
> > That's dangerous for security... you just need two attackers (or one
> > attacker which simulates two or more nodes) to insert forged packages
> > into a legal network.  (I'm talking about an insider attacker, who owns a
> > single legal node of the network)
>
> Could you explain better your point? As long as the nodes are not
> compromised, forging a packet without the private key is almost
> impossible, because between neighbors a timestamp-exchange is
> performed to prevent replay attacks. If you are instead talking about
> a trusted user that starts acting maliciously, that may be seen as a
> flaw in the trust model. Anyway, I still don't see how this is related
> to hop-by-hop signatures.

There are two kinds of attackers on a network... outsiders and insiders.

Outsiders have some hardware and maybe a complete knowledge about the network 
protocol they want to attack, but they have no keycodes. You can keep an 
"outsider" away from your network by using a symmetric shared group key (with 
some sequence numbers against replay attacks).

"Insiders" are attackers who own at least one legal node of your network, so 
they own the key material of this node too.

If you just do "link based" security (you authenticate that the packages you 
receive are sent by the one-hop neighbor it pretends to be) an attacker can 
just use his legal key to "retransmit" a forged packet. The attacker will just 
pretend that he got a package from someone else and you have no chance to 
validate its claim.

> > Yes, that is a possibility, I know... the packages will just grow larger
> > proportional to the number of 1-hop neighbors.
>
> Yes... I also heard (as others on this list) that many vendors are
> planning to include RSA-capable chips on embedded devices.

A hardware RSA chip will allow an asymmetric cryptography scheme to work in 
small and maybe medium sized networks. The problem is that you have to 
validate all incoming packages, and the number of flooded packages in OLSR a 
node receives per second scales with the size of the network.

Henning
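
The gap between link-based and originator-based authentication described above, as an added example that is not part of the original message. It is a Python model in which per-link HMAC keys stand in for hop-by-hop signatures and a per-pair HMAC key stands in for an originator signature; the node names A, M, V, all keys and the message strings are constructed for illustration.

```python
import hashlib
import hmac

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

# Constructed key material (assumption): one key per link, and one end-to-end
# key per (originator, receiver) pair standing in for an originator signature.
LINK_KEYS = {frozenset(("A", "M")): b"link-A-M", frozenset(("M", "V")): b"link-M-V"}
E2E_KEYS = {("A", "V"): b"e2e-A-V", ("M", "V"): b"e2e-M-V"}

def signed_body(pkt: dict) -> bytes:
    return pkt["originator"].encode() + b"|" + pkt["payload"] + pkt["e2e_tag"]

def relay(sender: str, receiver: str, originator: str, payload: bytes, e2e_tag: bytes) -> dict:
    """Packet as `sender` forwards it to its one-hop neighbour `receiver`."""
    pkt = {"sender": sender, "originator": originator,
           "payload": payload, "e2e_tag": e2e_tag}
    pkt["link_tag"] = mac(LINK_KEYS[frozenset((sender, receiver))], signed_body(pkt))
    return pkt

def link_check(receiver: str, pkt: dict) -> bool:
    """Hop-by-hop check: proves only that the one-hop sender holds the link key."""
    key = LINK_KEYS[frozenset((pkt["sender"], receiver))]
    return hmac.compare_digest(pkt["link_tag"], mac(key, signed_body(pkt)))

def originator_check(receiver: str, pkt: dict) -> bool:
    """End-to-end check: proves the claimed originator produced the payload."""
    key = E2E_KEYS.get((pkt["originator"], receiver))
    if key is None:
        return False
    return hmac.compare_digest(pkt["e2e_tag"], mac(key, pkt["payload"]))

def demo() -> dict:
    # Genuine case: A originates a message, legal node M relays it to V.
    real = b"TC from A: neighbours=[M]"
    genuine = relay("M", "V", "A", real, mac(E2E_KEYS[("A", "V")], real))
    # Insider case: M invents a message and claims A originated it. M holds
    # its own keys but not the A-V key, so it can only tag with what it has.
    fake = b"TC from A: neighbours=[M, X, Y]"
    forged = relay("M", "V", "A", fake, mac(E2E_KEYS[("M", "V")], fake))
    return {
        "genuine_link": link_check("V", genuine),
        "genuine_origin": originator_check("V", genuine),
        "forged_link": link_check("V", forged),      # passes: M is a legal neighbour
        "forged_origin": originator_check("V", forged),  # fails: not produced by A
    }

if __name__ == "__main__":
    print(demo())
```

With only `link_check` in place, V accepts both packets; the forged one is rejected only when the originator is verified as well.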
