Hello everyone, > 1) Can we assume secure L2 and/or appropriate device configuration by the > manufacturer/ISP(/user)? (This is what I can assume in my own home.) >
I think secure L2 is not enough for HNCP (and routing protocol) security. *Assuming* we have it, either we allow any connected device to ‘speak’ HNCP, or we require the user to configure authorized neighbors, at the L2 layer, which would be way too complex because of the variety of L2 technologies. The problem is that I wouldn’t want any connected device to be able to participate in HNCP. L2 access is not the same as HNCP authorization. Routers are easier to secure than cloud-based IOT devices, so I would rather introduce a way of filtering authorized HNCP devices. > 2) If not, should the solution be some sort of pre-shared key scheme? (If > not, please explain your alternative solution.) It’s a possibility. I would like to mention this proposal from last IETF: http://tools.ietf.org/html/draft-bonnetain-hncp-security-00 . Not saying it is *the* solution, but an alternative to the PSK relaying on asymmetric crypto. In general, HNCP also needs to bootstrap the routing protocol. So I think HNCP would require some way to share secondary keys (If not the same as the primary), in order to bootstrap other protocol’s security. Cheers, - Pierre _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
