[Commotion-dev] SPAN Android App

Jeremy Lakeman Jeremy.Lakeman at gmail.com
Tue Oct 16 00:20:24 UTC 2012 

On Tue, Oct 16, 2012 at 9:04 AM, Robble, Jeff <jrobble at mitre.org> wrote:
> Thanks for the clarification Jeremy.
>
> So you're randomly generating a 256-bit key pair and using the public key
> as the device network address. When you want to send data the serval
> daemon encrypts it using the 256-bit IP address of the destination and
> encapsulates it in a IP/UDP packet. Am I misunderstanding?

A picture is worth a thousand words... The logical structure of our
transmitted IP packets look something like this;

[ethernet header; source MAC, dest MAC, ...]
[ip / udp header; source IP, dest IP, source port, dest port, ...]
[serval packet format version number]
[transmitting device PK]
[payload list;
  [payload;
    - original source PK
    - final destination PK or broadcast identifier for de-duplication
    - next hop PK
    - payload length
    - payload body
  ],
  ...
]

Though the wire format does have some space saving tricks for sending
short abbreviations for PK addresses that are already known by both
parties.

When we receive a packet, we only use the source IP address to work
out where to send unicast reply packets destined for the "transmitting
device PK". And only if we're running in olsr mode or the transmitter
is in a different network sub-net.

We then look through the payload list for anything addressed to us as
the destination or next hop address, and process and/or forward them.

So yes, the network discovers public keys as it builds the routing
table and communicates with other devices. So we can easily encrypt
any packet with a PK destination over the network. But that doesn't
mean we've authenticated anyone's identity or done anything to detect
a man-in-the-middle attack.

Public key verification is still best done in person. Though we are
also looking at verification via an audio channel; relying on your
brain's ability to do voice print verification of identity, while
confirming the fingerprint of a shared secret.

Eventually we may also implement key signing for building a web of trust.

More information about the Commotion-dev mailing list