If anyones interested in an orinoco based driver that uses AES
encryption and different keys for every path then you may wish to take
a look at
http://www.umr.edu/~denier/ses
IMPORTANT: This breaks compatibility with other 802.11 communications.
If a person wants to use this, they need to use this on all their
computers they want to comunicate with this.
Additional details are there and in the files. This version is a work
in progress. Later versions will be much more useful and include
elliptic curve based public key encryption for key handling.
While this uses the orinoco drivers, right now I'm the only one working
on it so please send questions directly to me. I'll of course gladly
accept any help I can get. In particular I'd like to know if people
begin to use this for daily use.
Note that I'm not even particularly trying to make sure this works on
machines with different endianness right now. Other than that it should
be portable. I'll eventually try to correct that as well.
>From what I can tell using this doesn't slow down transfer times in a
noticeable way. Having encryption running was adding about 6 seconds to
a file that took 7 minutes to transfer. This is partly due to the fact
that I'm removing as much of the headers as possible to offset the
additional overhead of the system. Besides a very minor increase in
speed, removing information in the headers that's redundant results in a
minor increase in security as the number of predictable bits is lowered.
When I changed the mtu to 1499 the padding for each packet changed from
13 to 5 bytes (i think) for an nfs transfer. (Each encrypted section
must be a multiple of 16 bytes.) This resulted in another minor
increase in performance.
One concern I have is I may be drawing from the entropy pool too much
for the random padding bytes used to randomize things. If another
application that draws random numbers from it slows down alot, let me
know and I'll make changes.
-Robert
-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
|
