[dtn-security] Re(many): Is there a "secure" referenceimplementation of the DTN stack?

[Peter Lovell <plovell@mac.com>]

Hi Graham,

yes - an ad-hoc key server in a DTN environment doesn't make a lot of sense.

We've tended to use PKI keys in examples as they simplify the
distribution issue and have reasonable lifetimes for the tasks but, as
you point out, key loss is problematic. Requiring CRL access does rather
defeat the whole point of DTN.

If it is important that you react very quickly to key loss, then group
keying may be a better solution. If a node is compromised, the group is
rekeyed as quickly as the key server can do it (after it finds out).
Some nodes might be disconnected for a while and still have old keys but
they won't be getting much (or any) traffic so this can be dealt with.
The new key from the key server should arrive about the same time as any
bundles using the new key. Obviously, group membership in this scenario
is based upon being authorized, rather than which authorized nodes are
currently connected (many groups work this way).

Cheers.....Peter



On Tue, Jun 30, 2009, Graham Keellings (Leonix Solutions Pte Ltd)
<Graham@LeonixSolutions.com> wrote:

>Eddy, Wesley M. (GRC-MS00)[Verizon] wrote:
>> As Peter mentioned earlier, even with a complete BSP implementation,
>> you still have to figure out how to do key management on your own.
>> This is the hardest and most complex part,
>It certainly is. Since we are worried about security, we can consider
>military or banking use, and think about the use cases, for isntance,
>for 1) initial key distribution to the whole network 2) addition of a
>new member 3) individual key revocation 4) mass update of all key? (if
>even needed, and probably just use case 1)
>
>Some schemes, like Prophet, seem ok, but, if I understand correctly,
>keys have a specific lifetime and then expire. What if the DTN device
>falls into the wrong hands before then? One would want to revoke it
>immediately, would one not?
>
>How does one distribute the keys, given that it makes little on no sense
>to have a key server in an ad hoc network? (I suppose that before every
>battle or at the start of each work day, each user could bring their
>device within range of a "secure" key server, but that seems rather
>contrived). If the number of nodes will never vary, then each could be
>pre-programmed with the appropriate keys, but this seems rather
>restrictive, and again there is the problem of revocation.
>
>This does need some serious thinking, which is probably why I have been
>instructed to "ignore it until a  future release" (lucky me ;-)
>
>Thanks again for the input. I am now off to struggle with Peter's
>"stony" description of the existing security mechanism.
>
>With best wishes,
>
>Graham
>
>
>>  if you need it to scale
>> to some level, be robust to disconnection, delay, and low bandwidth,
>> and if you rely on the established keys to carry critical traffic.
>> The BSP is only part of the solution you need, and the rest is left
>> as an exercise to the user ...
>>
>> ---------------------------
>> Wes Eddy