[Commotion-dev] Quick Update

L. Aaron Kaplan aaron at lo-res.org
Wed Apr 6 21:38:56 UTC 2011 

On Apr 6, 2011, at 7:01 PM, Ben West wrote:

> Hi Dan,
> 
> Great news!

Agreed, congrats! :)

> 
> I would recommend checking out some of the recent threads on the olsr-users listserv re: options for encryption in an ad-hoc mesh, since they are limited, and/or present paths of diminishing returns.
> 

Ben, I have the feeling you are mixing different types of "encryption"  in the sentence above and then you say it is "limited". I don't quite agree. See below for what I mean :)

> That is, although schemes like WPA-NONE have been mentioned, the general problem is that the volume of packets moving over modem meshes quickly reduce the time needed for an interloper to snoop packets and crack the key.
> 
with WEP, yes. But not so much with WPA2.

> Other suggested options include layer-2 encryption, although I'm uncertain to what extent the current OpenWRT/Atheros platform may support this, or using tools like tinc to simply forward VPN tunnels thru the mesh.
> 
The main problem with ad-hoc mode is that there is no good WPA2 support for it (i.e. no good layer 2 security in ad-hoc mode).
Please note, that however is a shortcoming of the wireless drivers (layer 2) and not of OLSR (which is on layer 3). 

It would be *great* if the commotion project could make WPA2 work in ad-hoc but even if it can not, we still
have a) a way to secure routing messages (i.e. protect the routing layer against malicious insiders) by signing the routing messages [1] 
or b) we can use Tor , OpenVPN, IPSec,...or any other end-to-end encryption scheme to protect the data layer.


So, I see no problem with that. We can do that. We can build that. We don't need to rely on layer 2 WPA2 in ad-hoc mode.
Sure, any encryption will cost CPU power. But that is a trade off that you might want to make when you want to send data securely.


However, I do believe that securing the actual hardware (mobile phones) on its own is more of a challenge.
Especially nowadays when can see an emerging trend of malware coming to smartphones.
That is going to be a real challenge.


[1] Take a look at the SIDR working group at the IETF: https://datatracker.ietf.org/wg/sidr/charter/ for some inspirations
(though, I don't believe in the central PKI for signing routing messages)

> On Wed, Apr 6, 2011 at 11:54 AM, Dan Meredith <meredith at newamerica.net> wrote:
> Heya all,
> 
> Quickly, folks over at OTI have been working to drum up resource support
> for this awesome project. I've updated
> https://tech.chambana.net/projects/commotion with a bunch of broad high
> level text.
> 
> With that, we hope to begin working quickly on the below:
> 
> Create  a virtual organizing and development space for programmers and
> the community coalition
> * Define the coalition’s goals
> * Define and expand the coalition’s partners
> * Define and announce coalition projects and partners
> 
> Solidify a Collaborative Development Strategy
> * Create common development plans
> ** Establish common development plan for Wi-Fi/GSM infrastructure
> integration
> ** Establish common development plan for Wi-Fi/GSM VOIP and SMS
> application integration
> 
> Deploy testbeds for collaborative development
> * Implement a neighborhood/community-scale Wi-Fi/GSM infrastructure testbed
> * Create a Wi-Fi/GSM VOIP/SMS application testbed
> 
> I'd love thoughts, questions, comments, criticisms, and/or general fud
> from folks
> 
> Cheers,
> --
> Dan Meredith
> Technologist
> New America Foundation
> Open Technology Initiative
> pgp 0x9C1BDFB4
> _______________________________________________
> Commotion-dev mailing list
> Commotion-dev at lists.chambana.net
> http://lists.chambana.net/mailman/listinfo/commotion-dev
> 
> 
> 
> -- 
> Ben West
> me at benwest.name
> 
> _______________________________________________
> Commotion-dev mailing list
> Commotion-dev at lists.chambana.net
> http://lists.chambana.net/mailman/listinfo/commotion-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-dev/attachments/20110406/6571f7d6/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 243 bytes
Desc: This is a digitally signed message part
URL: <http://lists.chambana.net/pipermail/commotion-dev/attachments/20110406/6571f7d6/attachment.sig>

More information about the Commotion-dev mailing list