b.a.t.m.a.n.lists.open-mesh.org archive mirror
 help / color / mirror / Atom feed
* Authenticity of routing information in Batman
@ 2023-06-30 12:46 Marek Küthe
  2023-07-03  8:55 ` Marek Lindner
  0 siblings, 1 reply; 2+ messages in thread
From: Marek Küthe @ 2023-06-30 12:46 UTC (permalink / raw)
  To: b.a.t.m.a.n

[-- Attachment #1: Type: text/plain, Size: 750 bytes --]

Hello,

I recently came across Batman Adv and the question arose in my mind
whether it is possible to authenticate the routing information exchange
- for example with HMAC as in babel. This would for example prevent
attacks where a malicious node says "I have the perfect route to the
destination!". I am not concerned with encryption or authentication of
the traffic, only of the routing information. Is there anything like
this in Batman (Adv)? If not, is it planned to implement something like
this? If there isn't, does anyone have an idea how something like this
could be done differently (in a different layer)?

I would be very happy to receive answers!

Greetings
Marek Küthe

-- 
Marek Küthe
m.k@mk16.de
er/ihm he/him

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Authenticity of routing information in Batman
  2023-06-30 12:46 Authenticity of routing information in Batman Marek Küthe
@ 2023-07-03  8:55 ` Marek Lindner
  0 siblings, 0 replies; 2+ messages in thread
From: Marek Lindner @ 2023-07-03  8:55 UTC (permalink / raw)
  To: b.a.t.m.a.n

Hi,

> I am not concerned with encryption or authentication of
> the traffic, only of the routing information. Is there anything like
> this in Batman (Adv)?

currently, batman-adv has no mesh authentication built-in.


> If not, is it planned to implement something like this?

I am not aware anyone is working on this topic.


> If there isn't, does anyone have an idea how something like this
> could be done differently (in a different layer)?

The typical approach is to use WiFi encryption (IBSS RSN or 11s SAE) which 
gives you the additional benefit of traffic encryption. SAE also allows a 
separate encryption key per peer to avoid having a sharde secret which can 
leak.

Cheers,
Marek




^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-07-03  8:55 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-06-30 12:46 Authenticity of routing information in Batman Marek Küthe
2023-07-03  8:55 ` Marek Lindner

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).