[Olsr-dev] "Secure" Mesh networks
Henning Rogge
(spam-protected)
Tue Feb 9 09:24:26 CET 2010
On Tue February 9 2010 08:59:12 John Barrett wrote:
> I'm not looking to add any more encryption than necessary, but I am
> looking for something more secure than a shared key. WPA already gives
> us that much, and most likely, if the WPA key is compromised, then the
> shared key will also be compromised (someone steals a router and reads
> out the data with a jtag cable for instance). What I'm looking at with
> certificates and TLS is providing a means of blocking out a single
> compromised node if needed (by updating the certificate revocation
> list), with just a little more overhead than the current secure plugin,
> and that overhead mostly at "startup" when 2 nodes become aware of each
> other.
Communication between two OLSR nodes are not point-2-point but "one-to-all"
flooding communication, so you cannot establish a routing signature by creating
a session key between each node pair (unless you want to put a signature for
EACH other node into a OLSR message).
Henning Rogge
--
Diplom-Informatiker Henning Rogge , Fraunhofer-Institut für
Kommunikation, Informationsverarbeitung und Ergonomie FKIE
Kommunikationssysteme (KOM)
Neuenahrer Straße 20, 53343 Wachtberg, Germany
Telefon +49 228 9435-263, Fax +49 228 9435 685
mailto:(spam-protected) http://www.fkie.fraunhofer.de
GPG: E1C6 0914 490B 3909 D944 F80D 4487 C67C 55EC CFE0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20100209/e1a7ad22/attachment.sig>
More information about the Olsr-dev
mailing list