Re: [dtn-security] Security for DTN

"Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov> Thu, 03 February 2011 13:40 UTC

From: "Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov>
To: Shoaib Malik <shoaibmalik1981@gmail.com>
Date: Thu, 03 Feb 2011 07:40:00 -0600
Thread-Topic: [dtn-security] Security for DTN
Message-ID: <0B27E624-2CD5-402D-97A1-243040983F0E@nasa.gov>
References: <AANLkTikJGn8Uyomdk3ErRsjapRA1VvTiGyWazg+ddMrF@mail.gmail.com>
In-Reply-To: <AANLkTikJGn8Uyomdk3ErRsjapRA1VvTiGyWazg+ddMrF@mail.gmail.com>
Cc: "dtn-security@maillists.intel-research.net" <dtn-security@maillists.intel-research.net>, "dtn-interest@maillists.intel-research.net" <dtn-interest@maillists.intel-research.net>
Subject: Re: [dtn-security] Security for DTN
List-Id: DTN Security Discussion <dtn-security.maillists.intel-research.net>
List-Archive: <http://maillists.intel-research.net/pipermail/dtn-security>

Shoaib,

From the question, I believe you are new to network security. It is a painful subject that many do not understand well - at least in practical deployments.

DTN is a network overlay. So, you have the security, or lack of security, on each of the underlying networks (convergence layers), which may include IPv4, IPv6, CCSDS (Google it), Bluetooth, thumb drive policy, radio link security, etcetera. In addition, you have DTN security. You can assume nothing on any of these links. DTN bundle authentication (between-hop security) requires some type of policy configuration and, most often, a shared key. Key distribution has not yet been addressed, nor has there been much work in policy.

The best way to understand the above is to set up a four-hop network and attempt to secure it. Assuming you are working on an IP network, if you have never set up IPsec, I suggest starting there. Secure the IP and wireless and then do the DTN. It will be difficult, but easier to learn the IP network and the concepts will translate to DTN. I suggest keeping the network fully connected to start. Once you get everything working, you can add disconnection. At which point you may decide to turn off IPsec, as much of that may break.

This is a lot of work, but when you are done, you will have a fairly decent understanding of security and why it is difficult to deploy in multi-organizational networks.  Note, the vast amount of DTN research to date in the open community has been performed without security.

- Will

On Feb 2, 2011, at 3:00 PM, Shoaib Malik wrote:

> hi, 
> I am working on a secure DTN network. 
> 
> In the DTN network, suppose a node, say N1, opportunistically becomes available to any other already existing node S; then at that time can we assume that there exists a confidential channel between N1 and S?
> In general, "Can we assume that there exists a confidential channel between each hop's nodes in a multi-hop network?"
> 
> Is taking this assumption good or bad while working on security for DTN?
> 
> regards,
> Shoaib

******************************
William D. Ivancic
Phone 216-433-3494
Fax 216-433-8705
Networking Lab 216-433-2620
DTN Lab 216-433-2981
Mobile 440-503-4892
http://roland.grc.nasa.gov/~ivancic
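The hop-by-hop picture Will sketches above, rendered as a small simulation. This is an added example, not code from this thread or from any DTN implementation; the node names, keys and payload are constructed, and the HMAC tag is a stand-in for a bundle authentication block rather than the Bundle Security Protocol encoding. Each adjacent pair of nodes shares a key held in a per-node policy table, every hop verifies the inbound tag and re-authenticates for the next link, and the run shows that a missing policy entry, a mismatched key, or a corrupted link drops the bundle, while every intermediate hop that accepts the bundle still reads the payload in the clear. That last point is why per-hop authentication does not give Shoaib the confidential channel he asked about.

```python
import hashlib
import hmac

# Constructed key policy for a four-hop path N1 -> N2 -> N3 -> N4 -> N5.
# Node names and keys are hypothetical.  Each node holds one shared key per
# neighbour it is allowed to exchange authenticated bundles with; this is
# the "policy configuration plus shared key" the message refers to.
PATH = ["N1", "N2", "N3", "N4", "N5"]
NODE_KEYS = {
    "N1": {"N2": b"link-key-12"},
    "N2": {"N1": b"link-key-12", "N3": b"link-key-23"},
    "N3": {"N2": b"link-key-23", "N4": b"link-key-34"},
    "N4": {"N3": b"link-key-34", "N5": b"link-key-45"},
    "N5": {"N4": b"link-key-45"},
}


def bab_tag(key, src, dst, payload):
    """HMAC-SHA256 standing in for a per-hop bundle authentication tag.
    It covers source, destination and payload; the real Bundle Security
    Protocol block encoding is not modelled here."""
    msg = src.encode() + b"\x00" + dst.encode() + b"\x00" + payload
    return hmac.new(key, msg, hashlib.sha256).digest()


def forward_bundle(path, node_keys, payload, corrupt_link=None):
    """Carry one bundle along path, authenticating it afresh on every link.

    Returns (delivered, reason, seen).  `seen` maps each node that accepted
    the bundle to the payload bytes it was able to read.  `corrupt_link`,
    a (sender, receiver) pair, models a noisy link that alters bytes in
    transit so the receiver's check is exercised.
    """
    src, dst = path[0], path[-1]
    seen = {src: payload}
    for prev, cur in zip(path, path[1:]):
        link = f"{prev}->{cur}"
        send_key = node_keys.get(prev, {}).get(cur)
        recv_key = node_keys.get(cur, {}).get(prev)
        if send_key is None or recv_key is None:
            # No policy entry for this link: nothing can be authenticated.
            return False, f"no key policy on link {link}", seen
        # Sender computes the tag with the key it shares with the next hop.
        tag = bab_tag(send_key, src, dst, payload)
        # What the receiver actually gets off the wire (constructed corruption).
        wire_payload = payload + b"\xff" if (prev, cur) == corrupt_link else payload
        # Receiver recomputes with its own copy of the link key and compares
        # in constant time; any mismatch (wrong key, altered bytes) is a drop.
        expected = bab_tag(recv_key, src, dst, wire_payload)
        if not hmac.compare_digest(tag, expected):
            return False, f"authentication failed on link {link}", seen
        # The hop accepted the bundle and, because nothing above the hop
        # layer is encrypted here, it reads the payload in the clear.
        seen[cur] = wire_payload
    return True, "delivered", seen


def drop_key(node_keys, node, neighbour):
    """Return a copy of the policy with one node's key for a neighbour removed."""
    copy = {n: dict(t) for n, t in node_keys.items()}
    copy[node].pop(neighbour, None)
    return copy


if __name__ == "__main__":
    ok, why, seen = forward_bundle(PATH, NODE_KEYS, b"telemetry frame 42")
    print(why, sorted(seen))
    ok, why, seen = forward_bundle(PATH, drop_key(NODE_KEYS, "N3", "N2"), b"x")
    print(why, sorted(seen))
    ok, why, seen = forward_bundle(PATH, NODE_KEYS, b"x", corrupt_link=("N2", "N3"))
    print(why, sorted(seen))
```

The policy table is deliberately per node rather than per link: in a real deployment each operator configures its own nodes, so a one-sided entry (N2 knows N3's key but N3 was never given N2's) is the ordinary failure mode, and the simulation reports it as a policy gap rather than a cryptographic failure.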