[Olsr-dev] Bug Secure Plugin - Endianness ?

Henning Rogge (spam-protected)
Sat May 14 01:19:57 CEST 2011


On Friday 13 May 2011, 19:36:51, Roar Bjørgum Rotvik wrote:
> I'm one of the guys that thought of and designed this secure plug in.
> It was designed for use in a controlled net, i.e. all the allowed nodes
> have a preshared key obtained out-of-band (i.e. not part of olsr or
> network traffic) that kept all non-authorised nodes away from
> interfering with olsr traffic.
> 
> It was mostly a proof of concept for a "small" network (not 1000 of
> nodes) where we wanted a basic level of routing security. It is not "the
> final" security solution for authentication in the network and should
> not be used for that. But it should be enough for small and confined
> networks.
As a proof of concept it's okay.

> What do you believe is "broken" in its design? Remember that the design
> criteria was simple, small and low overhead (hence no PKI).
I don't think there is really an attacker model that would be protected 
against...

If you have an insider attacker, he is already part of your network and a 
shared group key approach does not help.

If you fear outsiders, securing your link layer will be much better than an 
authentication scheme for the routing.

But the major problem I saw when I looked at it is that it works on packet 
level. Packets are not forwarded through the whole network, they are only used 
hop by hop to transfer the messages. This means the signature scheme is only 
hop-by-hop and not end-to-end, which removes the possible advantage over a 
link-layer solution.

I think a possible "secure" transport mechanism for the routing should work on 
the message level, it should encrypt everything of the message after the 
originator and should contain a signature within the encrypted part for the 
whole message except the TTL field.

Henning Rogge

-- 
1) You can't win.
2) You can't break even.
3) You can't leave the game.
— The Laws of Thermodynamics, summarized
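
The message-level authentication proposed in the last paragraph of the e-mail above, sketched as an added example that is not part of the original post or of olsrd. Assumptions: HMAC-SHA256 with a shared key stands in for the signature, the encryption step is left out, the hop count is excluded alongside the TTL because RFC 3626 relays change both, and all function names and sample values are constructed.

```python
import hashlib
import hmac
import struct

# RFC 3626 message header: type, vtime, size, originator, TTL, hop count, seqno
HDR = struct.Struct("!BBH4sBBH")
TTL_OFF, HOP_OFF = 8, 9          # byte offsets of the per-hop mutable fields
TAG_LEN = hashlib.sha256().digest_size

def build_message(msg_type, vtime, originator, ttl, seqno, body):
    size = HDR.size + len(body)  # tag is carried after the message (constructed layout)
    return HDR.pack(msg_type, vtime, size, originator, ttl, 0, seqno) + body

def _invariant(msg):
    """Message bytes with TTL and hop count zeroed, i.e. what no relay may change."""
    buf = bytearray(msg)
    buf[TTL_OFF] = 0
    buf[HOP_OFF] = 0
    return bytes(buf)

def sign(key, msg):
    """Originator side: append a tag computed over the invariant part."""
    return msg + hmac.new(key, _invariant(msg), hashlib.sha256).digest()

def verify(key, signed):
    """Any receiver, however many hops away, checks the originator's tag."""
    if len(signed) < HDR.size + TAG_LEN:
        return False
    msg, tag = signed[:-TAG_LEN], signed[-TAG_LEN:]
    expected = hmac.new(key, _invariant(msg), hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected)

def forward(signed):
    """Relay side: decrement TTL, increment hop count, leave the tag untouched."""
    buf = bytearray(signed)
    if buf[TTL_OFF] <= 1:        # TTL of 0 or 1 is not retransmitted
        return None
    buf[TTL_OFF] -= 1
    buf[HOP_OFF] += 1
    return bytes(buf)

if __name__ == "__main__":
    key = b"constructed-demo-key"
    signed = sign(key, build_message(2, 0x60, bytes([10, 0, 0, 1]), 3, 42, b"constructed body"))
    relayed = forward(signed)
    print("after one relay:", verify(key, relayed))
    tampered = bytearray(relayed)
    tampered[HDR.size] ^= 0x01   # a relay alters the body
    print("after tampering:", verify(key, bytes(tampered)))
```

A packet-level tag would have to be recomputed by every relay, which is the hop-by-hop property the e-mail objects to; here the relay never touches the key.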