Am 19.06.2015 um 01:45 schrieb demos: > Hi:) > > Am 19.06.2015 um 00:31 schrieb Mitar:> Hi! >> >> I think the main approach I would take is to not have any special >> private key on the router, but just do session-based encryption. WPA2 >> is already doing that. (Of course, it is not perfect, if you listen to >> initial frames you can decrypt traffic.)-> that would be prevented having >> the public key of your communication partner. > > well and the meta-data-protection feature? :) > meta data are the context for content, they are the index of a book. > they are sensitive data. > > I forgot to mention that it does authentication too and has a friend to > friend > mode- for a friend to friend darknet. > > You should need a private key >> only to prevent MITM attacks. But for example for mesh networks there >> are so many other ways to do MITM that it is questionable how much >> would be worth to do try to prevent it on the client connection. > > Page 40 examines possible attack scenarios on GNUnet. > http://dotnetlabs.org/Content/pdf/GNUnet.pdf > Are these attacks considered here?(Index page 4, the very helpful > metadata :))
To be more clear with these i mean the MITM attacks in mesh networks you mentioned. Do you think they apply to GNUnet too? > > > good night. > Demos >> >> On Thu, Jun 18, 2015 at 12:55 AM, Russell Senior >> <[email protected]> wrote: >>> Does this idea require a keeping a private key on the router? If so, >>> that's a problem, since routers are often quite vulnerable to physical >>> access. If an entire community network relied on a single certificate >>> for authentication across all of their infrastructure (based on their >>> extended SSID), then losing one AP could mean complete compromise. >>> >>> On Thu, Jun 18, 2015 at 12:18 AM, Diderik van Wingerden >>> <[email protected]> wrote: >>>> Hi Mitar, >>>> >>>> Thanks for sharing. I am no expert on the subject, but it sounds like a >>>> great addition to open wireless (and wireless networking in general). So >>>> would it be possible to implement this in LibreCMC (or OpenWRT) for >>>> example? And would it then require something on the client's end? Like a >>>> new driver or certificate, as you mention? I mean, the solution would of >>>> course be adopted much faster if a client install/config of some sort >>>> would not be necessary, or at least be super easy. >>>> >>>> best regards, >>>> Diderik >>>> >>>> >>>> On 17-06-15 21:00, [email protected] wrote: >>>>> Send Tech mailing list submissions to >>>>> [email protected] >>>>> >>>>> To subscribe or unsubscribe via the World Wide Web, visit >>>>> https://srv1.openwireless.org/mailman/listinfo/tech >>>>> or, via email, send a message with subject or body 'help' to >>>>> [email protected] >>>>> >>>>> You can reach the person managing the list at >>>>> [email protected] >>>>> >>>>> When replying, please edit your Subject line so it is more specific >>>>> than "Re: Contents of Tech digest..." >>>>> >>>>> >>>>> Today's Topics: >>>>> >>>>> 1. Open secure wireless (Mitar) >>>>> >>>>> >>>>> ---------------------------------------------------------------------- >>>>> >>>>> Message: 1 >>>>> Date: Wed, 17 Jun 2015 04:33:16 -0700 >>>>> From: Mitar <[email protected]> >>>>> To: [email protected] >>>>> Subject: [OpenWireless Tech] Open secure wireless >>>>> Message-ID: >>>>> <caklmikp830_xkz2aaiw0wpd7faos+ozgug46sobc1fg8jhg...@mail.gmail.com> >>>>> Content-Type: text/plain; charset=UTF-8 >>>>> >>>>> Hi! >>>>> >>>>> Reading this old post: >>>>> >>>>> https://www.eff.org/deeplinks/2011/04/open-wireless-movement >>>>> >>>>> I wanted to point some research done on this some time ago: >>>>> >>>>> http://www.riosec.com/articles/Open-Secure-Wireless >>>>> http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf >>>>> >>>>> And also some progress: >>>>> >>>>> http://www.riosec.com/articles/open-secure-wireless-20 >>>>> >>>>> If you are not doing that already, I think EFF should get on board of >>>>> supporting those changes to the standard. >>>>> >>>>> (BTW, originally, as presented in 1.0 paper, WiFi standard does allow >>>>> open and secure connections, just no operating system really >>>>> implements it because they all first prompt for the password, before >>>>> trying to connect to the encrypted WiFi network to figure out the >>>>> password is really required.) >>>>> >>>>> >>>>> Mitar >>>>> >>>> >>>> -- >>>> Warm regards, hartelijke groet, >>>> >>>> Diderik van Wingerden >>>> +31621639148 >>>> http://www.think-innovation.com/ >>>> >>>> "Do what is right." >>>> >>>> _______________________________________________ >>>> Tech mailing list >>>> [email protected] >>>> https://srv1.openwireless.org/mailman/listinfo/tech >>> _______________________________________________ >>> Tech mailing list >>> [email protected] >>> https://srv1.openwireless.org/mailman/listinfo/tech >> >> >> > > > > > _______________________________________________ > Tech mailing list > [email protected] > https://srv1.openwireless.org/mailman/listinfo/tech > -- Echt Dezentrales Netz - EDN: The goal of EDN is to verify the applicability of existing technologies and solutions, and to integrate them in a comprehensive product. High level security communication via an Open Wireless Meshnet including several services. https://wiki.c3d2.de/Echt_Dezentrales_Netz/en Key here: https://pgp.mit.edu/pks/lookup?op=get&search=0x9B365E2DBF83D308
0xBF83D308.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Tech mailing list [email protected] https://srv1.openwireless.org/mailman/listinfo/tech
