Hi:) Am 19.06.2015 um 00:31 schrieb Mitar:> Hi! > > I think the main approach I would take is to not have any special > private key on the router, but just do session-based encryption. WPA2 > is already doing that. (Of course, it is not perfect, if you listen to > initial frames you can decrypt traffic.)-> that would be prevented having the > public key of your communication partner.
well and the meta-data-protection feature? :) meta data are the context for content, they are the index of a book. they are sensitive data. I forgot to mention that it does authentication too and has a friend to friend mode- for a friend to friend darknet. You should need a private key > only to prevent MITM attacks. But for example for mesh networks there > are so many other ways to do MITM that it is questionable how much > would be worth to do try to prevent it on the client connection. Page 40 examines possible attack scenarios on GNUnet. http://dotnetlabs.org/Content/pdf/GNUnet.pdf Are these attacks considered here?(Index page 4, the very helpful metadata :)) good night. Demos > > On Thu, Jun 18, 2015 at 12:55 AM, Russell Senior > <[email protected]> wrote: >> Does this idea require a keeping a private key on the router? If so, >> that's a problem, since routers are often quite vulnerable to physical >> access. If an entire community network relied on a single certificate >> for authentication across all of their infrastructure (based on their >> extended SSID), then losing one AP could mean complete compromise. >> >> On Thu, Jun 18, 2015 at 12:18 AM, Diderik van Wingerden >> <[email protected]> wrote: >>> Hi Mitar, >>> >>> Thanks for sharing. I am no expert on the subject, but it sounds like a >>> great addition to open wireless (and wireless networking in general). So >>> would it be possible to implement this in LibreCMC (or OpenWRT) for >>> example? And would it then require something on the client's end? Like a >>> new driver or certificate, as you mention? I mean, the solution would of >>> course be adopted much faster if a client install/config of some sort >>> would not be necessary, or at least be super easy. >>> >>> best regards, >>> Diderik >>> >>> >>> On 17-06-15 21:00, [email protected] wrote: >>>> Send Tech mailing list submissions to >>>> [email protected] >>>> >>>> To subscribe or unsubscribe via the World Wide Web, visit >>>> https://srv1.openwireless.org/mailman/listinfo/tech >>>> or, via email, send a message with subject or body 'help' to >>>> [email protected] >>>> >>>> You can reach the person managing the list at >>>> [email protected] >>>> >>>> When replying, please edit your Subject line so it is more specific >>>> than "Re: Contents of Tech digest..." >>>> >>>> >>>> Today's Topics: >>>> >>>> 1. Open secure wireless (Mitar) >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> >>>> Message: 1 >>>> Date: Wed, 17 Jun 2015 04:33:16 -0700 >>>> From: Mitar <[email protected]> >>>> To: [email protected] >>>> Subject: [OpenWireless Tech] Open secure wireless >>>> Message-ID: >>>> <caklmikp830_xkz2aaiw0wpd7faos+ozgug46sobc1fg8jhg...@mail.gmail.com> >>>> Content-Type: text/plain; charset=UTF-8 >>>> >>>> Hi! >>>> >>>> Reading this old post: >>>> >>>> https://www.eff.org/deeplinks/2011/04/open-wireless-movement >>>> >>>> I wanted to point some research done on this some time ago: >>>> >>>> http://www.riosec.com/articles/Open-Secure-Wireless >>>> http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf >>>> >>>> And also some progress: >>>> >>>> http://www.riosec.com/articles/open-secure-wireless-20 >>>> >>>> If you are not doing that already, I think EFF should get on board of >>>> supporting those changes to the standard. >>>> >>>> (BTW, originally, as presented in 1.0 paper, WiFi standard does allow >>>> open and secure connections, just no operating system really >>>> implements it because they all first prompt for the password, before >>>> trying to connect to the encrypted WiFi network to figure out the >>>> password is really required.) >>>> >>>> >>>> Mitar >>>> >>> >>> -- >>> Warm regards, hartelijke groet, >>> >>> Diderik van Wingerden >>> +31621639148 >>> http://www.think-innovation.com/ >>> >>> "Do what is right." >>> >>> _______________________________________________ >>> Tech mailing list >>> [email protected] >>> https://srv1.openwireless.org/mailman/listinfo/tech >> _______________________________________________ >> Tech mailing list >> [email protected] >> https://srv1.openwireless.org/mailman/listinfo/tech > > > -- Echt Dezentrales Netz - EDN: The goal of EDN is to verify the applicability of existing technologies and solutions, and to integrate them in a comprehensive product. High level security communication via an Open Wireless Meshnet including several services. https://wiki.c3d2.de/Echt_Dezentrales_Netz/en Key here: https://pgp.mit.edu/pks/lookup?op=get&search=0x9B365E2DBF83D308
0xBF83D308.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Tech mailing list [email protected] https://srv1.openwireless.org/mailman/listinfo/tech
