[Olsr-dev] olsrd web of trust plug-in
Mon Dec 22 15:39:22 CET 2008
On Montag 22 Dezember 2008 15:22:08 Bernd Petrovitsch wrote:
> Today? Yes.
> Given that WEP, WPA and WPA-2 are already there (and the former 2
> already obsolete), more of that will come.
> > story... ;)
> VIA-C7 - http://www.via.com.tw/en/products/processors/c7/ - has hardware
> AES support.
Which does not help with asymmetric algorithms.
> Apart from that: The asymmetric keys are just necessary to (regularly)
> exchange the symmetric ones - IPsec does this also in completely
> user-space (at least 5 years ago).
Yes... because IPSec mostly deals with unicast traffic. Multicast (broadcast
is a special case) is MUCH MORE difficult.
> And for the symmetric keys, the algorithms are fairly cheap (and one
> could use a somewhat less secure but much more CPU-saving one if it
> really matters).
> So personally I consider that problem as such solved - it is just a
> question of a good implementation (or hardware support).
Sorry, but you are dead wrong.
The problem of securing OLSR-traffic is to authentificate netwide broadcast
floods... you cannot do this easily with symmetric algorithm if you Want to
protect against an insider attacker.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 197 bytes
Desc: This is a digitally signed message part.
More information about the Olsr-dev