[Olsr-users] Network address associated with fingerprint of the node's public key?

Wojciech Zabolotny (spam-protected)
Tue Feb 28 12:24:35 CET 2012


Hi,

I've experimented a little with spontaneously created mesh networks
based on olsr protocol.
The idea was, that the net is totally open, without any management
nodes (so the network
should survive as long as sufficient amount of users is on-line,
creating the mesh).
Therefore it was also not possible to provide any DHCP server.
Everyone could connect selecting any free IP belonging to the pool of
the addresses belonging
to the network.
Unfortunately, such simplistic scheme is not immune against IP
conflicts (either occuring
due to random selection of IP, or caused by malicious intruders trying
to destroy the network).
The network could be protected, if the IP address could be associated
with the public key of
the node (e.g. it could be based on fingerprint of this key).
In this case the intruder could not spoof the particular node, unless
he has the secret key
associated with public kay matching that IP.
When maintaining the network, nodes should check, that  the node
claiming to have particular
IP really has the key pair matching it (by sending challenge encrypted
with the public key, and
requesting the response).

Of course it could be difficult to add such mechanism to the IP4 based
network (as with less than 2^32
possible IP numbers it could could be possible to generate key
matching any selected IP - even though
it should be time consuming), but in IPv6 it should be doable.
I don't know if this idea is new, neither if it is possible to
implement in reasonable way,
but it seems interesting...
-- 
WZab




More information about the Olsr-users mailing list