[OpenWireless Tech] Open secure wireless

demos demos at posteo.de
Thu Jun 18 16:45:35 PDT 2015 

Hi:)

Am 19.06.2015 um 00:31 schrieb Mitar:> Hi!
> 
> I think the main approach I would take is to not have any special
> private key on the router, but just do session-based encryption. WPA2
> is already doing that. (Of course, it is not perfect, if you listen to
> initial frames you can decrypt traffic.)-> that would be prevented having the public key of your communication partner.

well and the meta-data-protection feature? :)
meta data are the context for content, they are the index of a book.
they are sensitive data.

I forgot to mention that it does authentication too and has a friend to
friend
mode- for a friend to friend darknet.

 You should need a private key
> only to prevent MITM attacks. But for example for mesh networks there
> are so many other ways to do MITM that it is questionable how much
> would be worth to do try to prevent it on the client connection.

Page 40 examines possible attack scenarios on GNUnet.
http://dotnetlabs.org/Content/pdf/GNUnet.pdf
Are these attacks considered here?(Index page 4, the very helpful
metadata :))


good night.
Demos
> 
> On Thu, Jun 18, 2015 at 12:55 AM, Russell Senior
> <russell at personaltelco.net> wrote:
>> Does this idea require a keeping a private key on the router?  If so,
>> that's a problem, since routers are often quite vulnerable to physical
>> access.  If an entire community network relied on a single certificate
>> for authentication across all of their infrastructure (based on their
>> extended SSID), then losing one AP could mean complete compromise.
>>
>> On Thu, Jun 18, 2015 at 12:18 AM, Diderik van Wingerden
>> <diderik at think-innovation.com> wrote:
>>> Hi Mitar,
>>>
>>> Thanks for sharing. I am no expert on the subject, but it sounds like a
>>> great addition to open wireless (and wireless networking in general). So
>>> would it be possible to implement this in LibreCMC (or OpenWRT) for
>>> example? And would it then require something on the client's end? Like a
>>> new driver or certificate, as you mention? I mean, the solution would of
>>> course be adopted much faster if a client install/config of some sort
>>> would not be necessary, or at least be super easy.
>>>
>>> best regards,
>>> Diderik
>>>
>>>
>>> On 17-06-15 21:00, tech-request at openwireless.org wrote:
>>>> Send Tech mailing list submissions to
>>>>       tech at openwireless.org
>>>>
>>>> To subscribe or unsubscribe via the World Wide Web, visit
>>>>       https://srv1.openwireless.org/mailman/listinfo/tech
>>>> or, via email, send a message with subject or body 'help' to
>>>>       tech-request at openwireless.org
>>>>
>>>> You can reach the person managing the list at
>>>>       tech-owner at openwireless.org
>>>>
>>>> When replying, please edit your Subject line so it is more specific
>>>> than "Re: Contents of Tech digest..."
>>>>
>>>>
>>>> Today's Topics:
>>>>
>>>>    1. Open secure wireless (Mitar)
>>>>
>>>>
>>>> ----------------------------------------------------------------------
>>>>
>>>> Message: 1
>>>> Date: Wed, 17 Jun 2015 04:33:16 -0700
>>>> From: Mitar <mmitar at gmail.com>
>>>> To: tech at openwireless.org
>>>> Subject: [OpenWireless Tech] Open secure wireless
>>>> Message-ID:
>>>>       <CAKLmikP830_XKz2aAiW0wpD7fAOS+OZGUG46sOBC1fG8JHGXHw at mail.gmail.com>
>>>> Content-Type: text/plain; charset=UTF-8
>>>>
>>>> Hi!
>>>>
>>>> Reading this old post:
>>>>
>>>> https://www.eff.org/deeplinks/2011/04/open-wireless-movement
>>>>
>>>> I wanted to point some research done on this some time ago:
>>>>
>>>> http://www.riosec.com/articles/Open-Secure-Wireless
>>>> http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf
>>>>
>>>> And also some progress:
>>>>
>>>> http://www.riosec.com/articles/open-secure-wireless-20
>>>>
>>>> If you are not doing that already, I think EFF should get on board of
>>>> supporting those changes to the standard.
>>>>
>>>> (BTW, originally, as presented in 1.0 paper, WiFi standard does allow
>>>> open and secure connections, just no operating system really
>>>> implements it because they all first prompt for the password, before
>>>> trying to connect to the encrypted WiFi network to figure out the
>>>> password is really required.)
>>>>
>>>>
>>>> Mitar
>>>>
>>>
>>> --
>>> Warm regards, hartelijke groet,
>>>
>>> Diderik van Wingerden
>>> +31621639148
>>> http://www.think-innovation.com/
>>>
>>> "Do what is right."
>>>
>>> _______________________________________________
>>> Tech mailing list
>>> Tech at openwireless.org
>>> https://srv1.openwireless.org/mailman/listinfo/tech
>> _______________________________________________
>> Tech mailing list
>> Tech at openwireless.org
>> https://srv1.openwireless.org/mailman/listinfo/tech
> 
> 
> 


-- 
Echt Dezentrales Netz - EDN:
The goal of EDN is to verify the applicability of existing technologies
and solutions,
and to integrate them in a comprehensive product.
High level security communication via an Open Wireless Meshnet including
several services.

https://wiki.c3d2.de/Echt_Dezentrales_Netz/en
Key here: https://pgp.mit.edu/pks/lookup?op=get&search=0x9B365E2DBF83D308
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xBF83D308.asc
Type: application/pgp-keys
Size: 4737 bytes
Desc: not available
URL: <https://lists.eff.org/pipermail/tech/attachments/20150619/f1eece9e/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.eff.org/pipermail/tech/attachments/20150619/f1eece9e/attachment.sig>

More information about the Tech mailing list