I want to present my implementation idea and get some reviews on my
entry for GSoC. I have chosen Linux kernel improvements.
My idea is to make the communication secure between a beagle board and
any other machine connected in the same subnet by making appropriate
changes to Linux kernel. I intend to use a protocol similar to SSL.
Basics:
Any two computing machines communication can be made secure by
encrypting at 'Application layer'. Even then some information crucial
can be compromised by knowing the amount of communication each node
accesses.
Application:
Assume a group of robots using beagle boards are trying to accomplish
a task working as a team. In this model, communication among all the
robots is in the same subnet. Any communication among these robots can
be known by compromising any one of the robots.
Even though the data is encrypted at the 'Application layer', we'll be
able to find out the importance of a robot for a particular mission
depending upon amount of data being accessed by that robot.
So, to make the communication secure the encryption is done at the
'DataLink layer' so that when each packet is received each robot
decrypts to find out whether the packet is for it. Hence, we are able
to successfully hide the importance of each machine.
Implementation:
When two nodes have to communicate in same subnet, each would generate
a random number (private key for communication among these two nodes
only) and start exchanging their private keys using Public Key
encryption algorithm (ex: RSA). Each node maintains a table similar to
routing table to find out with which key it has to encrypt in order to
send data to a particular node. Hence a table lookup would suffice to
find out the key to be used for communication. (Here the default
gateway is also assumed to be a node similar to nodes connected to
it.)
In the Linux Kernel, I would create new system calls in Ethernet for
encrypting (send) and decrypting (receive) and replace the normal send
and receive.
Further Exploration:
If time permits find out If this kind of protocol would be useful in
Bluetooth, WiFi etc.
Please let me know your valuable feedback on this project proposal.
Security is a pretty complicated area with a lot of pit-falls There
are also existing network protocols, mechanisms, and indeed
implementations already inside linux for doing what you describe.
These are independent of the beagleboard, as they should be.
Unless you are a real 'security guru' you're unlikely to come up with
something that will gain a life of it's own or continue beyond GSOC.
Although experimentation is required for learning, GSOC projects need
to aim to increase the pool of quality free and 'open sauce' software,
not just as a 'final year project' learning exercise for the student.
I would suggest you try to think of something more beagleboard
specific, as well as something that hasn't already been done (to
death++) in linux.
Basics:
Any two computing machines communication can be made secure by
encrypting at 'Application layer'. Even then some information crucial
can be compromised by knowing the amount of communication each node
accesses.
Application:
Assume a group of robots using beagle boards are trying to accomplish
a task working as a team. In this model, communication among all the
robots is in the same subnet. Any communication among these robots can
be known by compromising any one of the robots.
why? compromising a single member does not mean that all member traffic
is compromised.
Even though the data is encrypted at the 'Application layer', we'll be
able to find out the importance of a robot for a particular mission
depending upon amount of data being accessed by that robot.
So, to make the communication secure the encryption is done at the
'DataLink layer' so that when each packet is received each robot
decrypts to find out whether the packet is for it. Hence, we are able
to successfully hide the importance of each machine.
maybe, but why does this need to be done in the kernel? devising a
secure protocoll that adds some kind of "masking" overhead to the
communication seems doable in userspace, no?
Implementation:
When two nodes have to communicate in same subnet, each would generate
a random number (private key for communication among these two nodes
only) and start exchanging their private keys using Public Key
encryption algorithm (ex: RSA). Each node maintains a table similar to
routing table to find out with which key it has to encrypt in order to
send data to a particular node. Hence a table lookup would suffice to
find out the key to be used for communication. (Here the default
gateway is also assumed to be a node similar to nodes connected to
it.)
yes, trivial so far...
In the Linux Kernel, I would create new system calls in Ethernet for
encrypting (send) and decrypting (receive) and replace the normal send
and receive.
I still don't see what this has got to do with the kernel. Secure network
communication exists in a variety of schemes, all handled nicely in user
space.