[Olsr-dev] New OLSRd Plugin (derivative of olsrd_secure)

Will Hawkins (spam-protected)
Sun Dec 23 05:46:16 CET 2012


On 12/22/2012 03:27 AM, Henning Rogge wrote:
> I am just curious,
>
> do you have also experimented with using IPsec with a static shared
> key to encrypt/sign your traffic hop-by-hop ?

Hello Henning!

Yes, we have experimented with that. We are also actively pursuing 
AuthSAE support (from the 802.11s protocol) for doing zero-knowledge 
link encryption. We plan on using both link encryption and route signing 
as part of a defense-in-depth strategy.

Thank you for taking the time to review this submission. Please continue 
to email questions and I will continue to answer them as I am able. :-)

Will

>
> Henning Rogge
>
> On Fri, Dec 21, 2012 at 9:25 PM, Will Hawkins
> <(spam-protected)> wrote:
>>
>>
>> On 12/21/2012 12:25 PM, Ferry Huberts wrote:
>>>
>>>
>>> On 21/12/12 17:54, Will Hawkins wrote:
>>>>
>>>>
>>>> On 12/21/2012 07:51 AM, Saverio Proto wrote:
>>>>> Hello,
>>>>>
>>>>> do you have your git branch published somewhere on the web  ?
>>>>
>>>> No, but I could easily make that happen. You could just pull from that
>>>> to review the code then, right?
>>>>
>>>
>>> I think we would happily look at your code but you have to make it easy
>>> for us to understand it ;-)
>>
>> I'm happy to make it easy for you to understand, once I understand it
>> :-) Just kidding, of course.
>>
>> I posted the repo with the mdp branch to github under
>> https://github.com/opentechinstitute/olsrd-mdp
>>
>> As I said previously, this relies heavily on olsrd-secure and I followed
>> their style (which hopefully matches up with the project's general style).
>>
>> I look forward to your feedback. Happy Friday everyone!
>>
>> Will
>>
>>>
>>>
>>>
>>>
>>>> Will
>>>>
>>>>>
>>>>> Saverio
>>>>>
>>>>>
>>>>> 2012/12/20 Will Hawkins <(spam-protected)>:
>>>>>> Hello everyone!
>>>>>>
>>>>>> The Open Technology Institute has created a new plugin for OLSRd known
>>>>>> as olsrd_mdp (Mesh Datagram Protocol [MDP] Secure OLSR). The plugin
>>>>>> integrates OLSRd with Serval to create a mechanism for signing OLSR
>>>>>> packets with a shared private key stored in a Serval keyring. This
>>>>>> plugin is a derivative of the olsrd_secure plugin.
>>>>>>
>>>>>> Serval is a mesh networking project out of Australia
>>>>>> (http://www.servalproject.org). One of their main products, serval-dna,
>>>>>> includes a keyring that stores (and optionally locks) a set of
>>>>>> public/private keypairs. olsrd_mdp takes a private key from Serval's
>>>>>> key
>>>>>> ring and uses it to sign OLSR packets.
>>>>>>
>>>>>> It differs from olsrd_secure in a few ways:
>>>>>>
>>>>>> 1. olsrd_mdp is configured with a key identifier. The key identifier
>>>>>> allows the user to specify which keypair from the Serval keyring will
>>>>>> sign packets.
>>>>>>
>>>>>> 2. olsrd_mdp allows for variable-length keys.
>>>>>>
>>>>>> 3. olsrd_mdp salts AND signs OLSR packets with a private key.
>>>>>>
>>>>>> We would really like to share this plugin with the OLSRd community. We
>>>>>> developed the plugin in a branch off of master but the plugin requires
>>>>>> Serval's serval-dna development kit to compile. This brings up two
>>>>>> questions:
>>>>>>
>>>>>> 1. How do plugin makefiles alert the user that they need configuration
>>>>>> to compile correctly? The necessary parameter is documented in the
>>>>>> olsrd_mdp README file. Is there another better way to document this?
>>>>>>
>>>>>> 2. What is the best way to submit the plugin for review for possible
>>>>>> inclusion? I did my best to follow OLSRd code standards while
>>>>>> developing, but I'd appreciate your feedback in spotting the places
>>>>>> where I inevitably messed up.
>>>>>>
>>>>>> Thanks for reading this rather long message. We are really excited
>>>>>> about
>>>>>> the possibility of sharing this plugin with the OLSRd community.
>>>>>>
>>>>>> Talk to you soon!
>>>>>> Will
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Olsr-dev mailing list
>>>>>> (spam-protected)
>>>>>> https://lists.olsr.org/mailman/listinfo/olsr-dev
>>>>>
>>>>
>>>
>>
>> --
>> Olsr-dev mailing list
>> (spam-protected)
>> https://lists.olsr.org/mailman/listinfo/olsr-dev
>
>
>





More information about the Olsr-dev mailing list