[Battlemesh] time sychronization in wibed
Daniel Golle
daniel at makrotopia.org
Sat Aug 8 14:34:53 CEST 2015
Hi Benhamin,
On Sat, Aug 08, 2015 at 01:47:19PM +0200, Benjamin Henrion wrote:
> > Any ideas?
>
> That remembers me the debugging I spent on curvetun vpn to find out it
> does not work if the 2 nodes are not in sync:
>
> https://github.com/netsniff-ng/netsniff-ng/issues/141
>
> I think the crypto is very sensitive to time differences.
I'd assume these problems do exists for a variety of cryptographic
protocols. For some of them there are ways to get around it on OpenWrt
at the cost of weakened security (e.g. setting wpa_supplicant's
CONFIG_WPA_SUPPLICANT_NO_TIMESTAMP_CHECK option).
I'm currently trying to achieve something similar with GNUnet, however,
due to the wide-spread use of wall-time in that implementation this
is not as easy as it might be in other cases...
>
> You might need an external clock source, like a GPS receiver if you do
> not have network.
GNUnet only requires *roughly* synchronized time (+/- 6h) which is eays to
achieve when relying in insecure and centralized ways of doing that
such as NTP or rdate in non-hostile environments like our testbed.
Relying on GPS (which is hard but not impossible to spoof) is also not
such a good idea as it adds a single point-of-failure to an otherwise
entirely distributed design.
Cheers
Daniel
More information about the Battlemesh
mailing list