[OpenWireless Tech] Open secure wireless

demos demos at posteo.de
Fri Jun 19 01:41:08 PDT 2015


On 19.06.2015 at 01:45, demos wrote:
> Hi:)
> 
> On 19.06.2015 at 00:31, Mitar wrote:
>> Hi!
>>
>> I think the main approach I would take is to not have any special
>> private key on the router, but just do session-based encryption. WPA2
>> is already doing that. (Of course, it is not perfect, if you listen to
>> initial frames you can decrypt traffic.)
>
> -> that would be prevented by having the public key of your communication partner.
> 
> well and the meta-data-protection feature? :)
> meta data are the context for content, they are the index of a book.
> they are sensitive data.
> 
> I forgot to mention that it does authentication too and has a
> friend-to-friend mode, for a friend-to-friend darknet.
> 
>> You should need a private key
>> only to prevent MITM attacks. But for example for mesh networks there
>> are so many other ways to do MITM that it is questionable how much
>> it would be worth to try to prevent it on the client connection.
> 
> Page 40 examines possible attack scenarios on GNUnet.
> http://dotnetlabs.org/Content/pdf/GNUnet.pdf
> Are these attacks considered here? (Index page 4, the very helpful
> metadata :))

To be more clear, with these I mean the MITM attacks in mesh networks you
mentioned.
Do you think they apply to GNUnet too?

> 
> 
> good night.
> Demos
>>
>> On Thu, Jun 18, 2015 at 12:55 AM, Russell Senior
>> <russell at personaltelco.net> wrote:
>>> Does this idea require keeping a private key on the router?  If so,
>>> that's a problem, since routers are often quite vulnerable to physical
>>> access.  If an entire community network relied on a single certificate
>>> for authentication across all of their infrastructure (based on their
>>> extended SSID), then losing one AP could mean complete compromise.
>>>
>>> On Thu, Jun 18, 2015 at 12:18 AM, Diderik van Wingerden
>>> <diderik at think-innovation.com> wrote:
>>>> Hi Mitar,
>>>>
>>>> Thanks for sharing. I am no expert on the subject, but it sounds like a
>>>> great addition to open wireless (and wireless networking in general). So
>>>> would it be possible to implement this in LibreCMC (or OpenWRT) for
>>>> example? And would it then require something on the client's end? Like a
>>>> new driver or certificate, as you mention? I mean, the solution would of
>>>> course be adopted much faster if a client install/config of some sort
>>>> would not be necessary, or at least be super easy.
>>>>
>>>> best regards,
>>>> Diderik
>>>>
>>>>
>>>> On 17-06-15 21:00, tech-request at openwireless.org wrote:
>>>>> Message: 1
>>>>> Date: Wed, 17 Jun 2015 04:33:16 -0700
>>>>> From: Mitar <mmitar at gmail.com>
>>>>> To: tech at openwireless.org
>>>>> Subject: [OpenWireless Tech] Open secure wireless
>>>>>
>>>>> Hi!
>>>>>
>>>>> Reading this old post:
>>>>>
>>>>> https://www.eff.org/deeplinks/2011/04/open-wireless-movement
>>>>>
>>>>> I wanted to point out some research done on this some time ago:
>>>>>
>>>>> http://www.riosec.com/articles/Open-Secure-Wireless
>>>>> http://www.riosec.com/articles/Open-Secure-Wireless/Open-Secure-Wireless.pdf
>>>>>
>>>>> And also some progress:
>>>>>
>>>>> http://www.riosec.com/articles/open-secure-wireless-20
>>>>>
>>>>> If you are not doing that already, I think EFF should get on board of
>>>>> supporting those changes to the standard.
>>>>>
>>>>> (BTW, originally, as presented in the 1.0 paper, the WiFi standard does allow
>>>>> open and secure connections, just no operating system really
>>>>> implements it because they all first prompt for the password, before
>>>>> trying to connect to the encrypted WiFi network to figure out the
>>>>> password is really required.)
>>>>>
>>>>>
>>>>> Mitar
>>>>>
>>>>
>>>> --
>>>> Warm regards, hartelijke groet,
>>>>
>>>> Diderik van Wingerden
>>>> +31621639148
>>>> http://www.think-innovation.com/
>>>>
>>>> "Do what is right."
>>>>
>>>> _______________________________________________
>>>> Tech mailing list
>>>> Tech at openwireless.org
>>>> https://srv1.openwireless.org/mailman/listinfo/tech


-- 
Echt Dezentrales Netz - EDN:
The goal of EDN is to verify the applicability of existing technologies
and solutions,
and to integrate them in a comprehensive product.
High level security communication via an Open Wireless Meshnet including
several services.

https://wiki.c3d2.de/Echt_Dezentrales_Netz/en
Key here: https://pgp.mit.edu/pks/lookup?op=get&search=0x9B365E2DBF83D308