Re: [dtn-security] BSP ciphersuites

Stephen Farrell <> Fri, 19 March 2010 19:16 UTC

Received: from ( []) by (8.13.8/8.13.8) with ESMTP id o2JJGqYt009657 for <>; Fri, 19 Mar 2010 12:16:53 -0700
Received: from localhost (localhost []) by (Postfix) with ESMTP id EDD7E3600A2; Fri, 19 Mar 2010 19:16:53 +0000 (GMT)
X-Virus-Scanned: amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6XE-8g21dwLn; Fri, 19 Mar 2010 19:16:50 +0000 (GMT)
Received: from ( []) by (Postfix) with ESMTP id 8D3AA36009D; Fri, 19 Mar 2010 19:16:49 +0000 (GMT)
Received: from localhost (localhost.localdomain []) by (Postfix) with ESMTP id 8BF0C7C36C; Fri, 19 Mar 2010 19:16:49 +0000 (GMT)
X-Virus-Scanned: amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 3UnsfISqIQpd; Fri, 19 Mar 2010 19:16:45 +0000 (GMT)
Received: from [] ( []) by (Postfix) with ESMTP id 28BEB7C36B; Fri, 19 Mar 2010 19:16:44 +0000 (GMT)
Message-ID: <>
Date: Fri, 19 Mar 2010 19:16:47 +0000
From: Stephen Farrell <>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20100227 Lightning/1.0b1 Thunderbird/3.0.3
MIME-Version: 1.0
To: Sebastian Domancich <>
References: <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.0.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [dtn-security] BSP ciphersuites
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DTN Security Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 19 Mar 2010 19:16:53 -0000

Hi Sebastian,

I think right now, the only person that can answer that
from experience is probably Peter Lovell who I think is
unavailable for a few days, so just wait a little and I
suspect you'll get an answer from him.

If I were to guess, I'd say its probably a matter of
putting the openssl generated key files in the right
place with the right file names and the right format
and I'd look in the code for hints about that.

But if you hear nothing for a week or so ping the list
again and I'll try get you an answer.


On 03/18/2010 01:30 PM, Sebastian Domancich wrote:
> Hey! Perhaps it would help if I add some context to my previous
> question about using security in DTN2.
> I belong to the Bytewalla project, which aims at providing DTN
> connectivity to rural areas of Africa, by means of an Android
> implementation of the Bundle Protocol.  Our project would fit under
> the category of "Extending the Internet: Predetermined Mobility Paths
> but No Hard Schedule", according to the terminology used by N4C to
> specify usage scenarios for DTN.
> In January 2010 our group published an Android Implementation of the
> Bundle Protocol, being interoperable with the Reference Implementation
> (DTN2). Our previous work can be found here:
> Right now I am working on the security aspects of the project, and our
> plan is to port the security mechanisms from DTN2 to our Android
> implementation to provide confidentiality and privacy to the
> communication.
> I was wondering if anyone with experience on sending PSB and CB
> protected bundles, could point me into the right direction.
> Thank you in advance for your help.
> Regards,
> Sebastian Domancich.
> On Wed, Mar 17, 2010 at 2:46 PM, Sebastian Domancich
> <> wrote:
>> Dear all,
>> I am working on security in DTN2, to send and receive security protected
>> bundles. I would like to ask for a piece of help.
>> By setting the 20-byte symmetric key, I could send and receive hop-by-hop
>> integrity protected bundles, using the BAB-HMAC ciphersuite and the
>> "security setkey" command.
>> In order to use the PSB (end-to-end integrity protection) and CB
>> (confidentiality) ciphersuites, I read in a previous post in this list that
>> we need to manage the keys using the KeySteward class. I have used OpenSSL
>> to create the RSA public-private pairs. However, I could not figure out how
>> to make use of the implemented functionality. I would like to ask you:
>> *Is there any available code snippet where we make use of the KeySteward
>> class to send and receive bundles with the PSB and the CB ciphersuites?
>> Thank you in advance for your help!
>> Regards,
>> Sebastian Domancich
>> Royal Institute of Technology
>> Helsinki University of Technology
> _______________________________________________
> dtn-security mailing list