[Commotion-dev] Whether to use encrypted meshing, how to accept new nodes?

Ben West ben at gowasabi.net
Tue Jun 11 22:12:41 UTC 2013 

FYI, recent patches that appeared on OpenWRT-dev listserv for authsae
support.  However, this may require disabling hardware encryption?

[PATCH] Add elliptic curve crypto compilation options to openssl
https://lists.openwrt.org/pipermail/openwrt-devel/2013-May/020268.html

[PATCH v3] authsae 80211s authentication daemon
https://lists.openwrt.org/pipermail/openwrt-devel/2013-May/020269.html

[PATCH v2] authsae: adapt uci scripts to use authsae
https://lists.openwrt.org/pipermail/openwrt-devel/2013-June/020346.html
https://lists.openwrt.org/pipermail/openwrt-devel/2013-June/020371.html(must
disable hwcrypt?)


On Wed, Dec 19, 2012 at 12:15 PM, Will Hawkins <
hawkinsw at opentechinstitute.org> wrote:

> Ben,
>
> Sorry for just now responding!
>
> On 12/12/2012 07:18 PM, Ben West wrote:
> > Likewise, thank you every for the detailed responses, and especially for
> > providing all the background on what is clearly a well known problem.
> >
> > W.r.t. authsae mentioned by Daniel, I do find this patch for adding an
> > authsae daemon to OpenWRT, although I believe this patch is targeted for
> > 802.11s.
> > http://patchwork.openwrt.org/patch/1350/
> >
> > Likewise this ticket in the OpenWRT queue:
> > https://dev.openwrt.org/ticket/12078
> >
> > Further investigation into authsae options for 802.11n adhoc leads to
> > this issue filed by Will Hawkins on a very familiar looking website:
> > https://code.commotionwireless.net/issues/305
> >
> > "Submitted some patches upstream to cozybit authsae project. Next up,
> > attempting to upstream patches to the kernel."
> >
> > Will, do you happen to links to the patch submissions you made for
> > kernel and authsae?  I'm curious when this makes its way into OpenWRT
> > trunk.  (No mention of authsae in recent OpenWRT-devel chatter.)
>
> I have links to the patches that I submitted for the Linux kernel to
> make authsae possible over adhoc networks. The change is a rather modest
> two lines and was accepted into the kernel months ago. If you are
> running compat-wireless or a recent kernel you probably already have the
> change. Otherwise, you can look here:
>
> http://git.kernel.org/?p=linux/kernel/git/jberg/mac80211.git;a=commit;h=3bfda62c50b0a4b118dcfce36686508ca2892292
>
> http://git.kernel.org/?p=linux/kernel/git/jberg/mac80211.git;a=commit;h=452a6d22615bb8262a932b362f41fc5d89f03293
>
> http://git.kernel.org/?p=linux/kernel/git/jberg/mac80211.git;a=commit;h=6abe0563224f8540c88e1d84d2bb394bd408c951
>
> As for the authsae patches, I submitted them to the Cozybit developers.
> They suggested improvements/changes and we went back and forth several
> times. We stopped going down that path because we decided that it would
> ultimately be better to integrate authsae directly with wpa_supplicant
> so that we would not need to add an extra binary into Commotion. But, if
> you are curious, you can look here:
> https://github.com/hawkinswnaf/authsae
>
> Fortunately, the cozybit people already have a "custom" wpa_supplicant
> with authsae support. Yet, that's not the end of the issue. The signal
> that they used to trigger an authsae handshake was not available for
> adhoc nodes. That recently changed. Within the last week there was a
> kernel patch that will allow us to grab a signal when a new peer adhoc
> node is available for authentication. This means that we'll have an
> easier time integrating authsae for mesh in wpa_supplicant.
>
> I hope this information helped provide a little bit of background about
> what we are working on with authsae. It's a pretty long-winded way of
> saying, "we're working on it". :-)  Let me know your thoughts!
>
> Talk to you soon!
> Will
>
> >
> > --
> > Ben West
> > http://gowasabi.net
> > ben at gowasabi.net <mailto:ben at gowasabi.net>
> > 314-246-9434
> >
> >
> >
> > _______________________________________________
> > Commotion-dev mailing list
> > Commotion-dev at lists.chambana.net
> > http://lists.chambana.net/mailman/listinfo/commotion-dev
> >
> _______________________________________________
> Commotion-dev mailing list
> Commotion-dev at lists.chambana.net
> http://lists.chambana.net/mailman/listinfo/commotion-dev
>
>


-- 
Ben West
http://gowasabi.net
ben at gowasabi.net
314-246-9434
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-dev/attachments/20130611/51a66fad/attachment-0001.html>

More information about the Commotion-dev mailing list