git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Suggestion: Native Linux Network Encryption (NLNE)


On Tue, Apr 17, 2018 at 1:05 PM, Jesse Cox <ki4jgt at gmail.com> wrote:
> You guys don't know me. I'm not a developer of the OS but I think I have
> something which could benefit it in the long run.
>
> Here's the thing: I've been watching video after video about data security
> and encryption and why the average person refuses to adopt encryption
> standards. According to most of these videos, encryption is lacking in the
> world because it's complicated and no one wants to take the time to
> uncomplicate it. SSL was phased in because Netscape added it to their
> browser, forcing all the others to adopt it. I don't have the time to
> develop this project but I have an idea of how to implement a native
> encryption over insecure networks, for all Linux devices on the network. If
> this were a Linux router, it'd also be able to provide security despite
> having an open network.
>
> Here's the idea:
>
> This is all over an unsecured network (so Alice and Bob both have IP
> addresses -- let's say in the IPv4 spectrum for local wifi with an open
> network).
>
> Alice wants to talk to Bob and each of them have the networking software
> (virtual networking device) installed.
>
> The virtual device works by creating an IPv6 address for its client (so they
> both have one). The IPv6 is a hash of each client's public key.
>
> Let's say Alice's public key hash was 00:11:22:33:44:55:66
>
> And Bob's was 77:88:99:10:11:12
>
> Alice's virtual interface would broadcast a message over the IPv4 network
> asking for 77:88:99:10:11:12's public key (since the IP is a hash, the key
> must match and since Bob is the only one with the private key to match the
> hash, he's the only one who can communicate.

This is a bad assumption - a 'hash' is a reduction of a large value
down to a smaller value; it is incorrect that "Bob is the only one
with the private key to match the hash".  Whatever the hash function,
if the number of bits in the hash (IPv6 addr, 128 bits) is less than
the number of bits in the key (at least 2048, could be 4096 or even
higher) then there is no possible hash function that would hash each
key value into a unique hash value.  It's just not mathematically
possible.

Additionally, there are restrictions on what IPv6 value can be used.

Also, you seem to be confusing MAC addresses (XX:XX:XX:XX:XX:XX) with
IPv6 addresses (XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX).

>
> Once Bob's interface sends Alice's interface his private key

Typically, you never give your private key away to anyone or any other
system.  It's not really "private" if you're giving it away, then it's
called a "shared" key.

> -- in response
> to the broadcast -- the interfaces can exchange AES keys and then
> communicate. The communications can't be hijacked at any point, just
> stopped.
>
> Why is this important?
>
> Linux as a system has a past of creating solutions which benefit their users
> well before any other system. As the push for encryption continues, history
> has shown us that users will not implement safety measures themselves. I
> think it'd be great for Ubuntu to set the standard for a Native Linux
> Network Encryption protocol, which starts on bootup with the system in
> question. This is just an idea but it'd be awesome and a major step forward
> in IT security.

I'm not saying this idea is not possible, it probably is possible at
the L2 layer to add some native encryption involving a per-endpoint
key exchange that encrypts each point-to-point L2 communication
separately.  However, I think that would be far, far more complex than
what you've outlined, but if I'm misunderstanding you then perhaps a
whitepaper with specific details on the entire process would help
explain your idea.

>
> --
> Ubuntu-devel-discuss mailing list
> Ubuntu-devel-discuss at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss